Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 25.01.2016, 15:27   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden - Standard

Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden



Poste mal bitte nur die Funde. Was unsichtbar ist, ist nicht so relevant...
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 25.01.2016, 15:29   #17
Bene25
 
Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden - Standard

Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden



Ok, also hier das Log ab der Stelle "über gestartete Prozesse":

Avira 2. Suchlauf:

Code:
ATTFilter
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'atiesrxx.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '121' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '155' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLANExt.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'atieclxx.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '105' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdAwareService.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '106' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'setqos.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'HelperService.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'ConversionService.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrA.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'SCVSSSvc.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'SDFSSvc.exe' - '109' Modul(e) wurden durchsucht
Durchsuche Prozess 'SDUpdSvc.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynoDrServicex64.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'TeamViewer_Service.exe' - '95' Modul(e) wurden durchsucht
Durchsuche Prozess 'TODDSrv.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'TosCoSrv.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'CodeMeter.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'SDWSCSvc.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'TecoService.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '242' Modul(e) wurden durchsucht
Durchsuche Prozess 'TDLPowerCtrl.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'Apoint.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'TPwrMain.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'TCrdMain.exe' - '108' Modul(e) wurden durchsucht
Durchsuche Prozess 'TosNcCore.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'ApMsgFwd.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'owncloud.exe' - '98' Modul(e) wurden durchsucht
Durchsuche Prozess 'TosBtMng.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpqtra08.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'MFManager.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dropbox.exe' - '182' Modul(e) wurden durchsucht
Durchsuche Prozess 'ONENOTEM.EXE' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'TNROTATE.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'TosSyncScheduler.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'HidFind.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'Apntex.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'adawarebp.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '130' Modul(e) wurden durchsucht
Durchsuche Prozess 'Control Center.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'SDTray.exe' - '114' Modul(e) wurden durchsucht
Durchsuche Prozess 'pdf24.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpwuschd2.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'TosBtSrv.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'MOM.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'TosA2dp.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'TosBtHid.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCC.exe' - '240' Modul(e) wurden durchsucht
Durchsuche Prozess 'TosBtAvAC.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'TosBtHsp.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '120' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpqSTE08.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpqbam08.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCleaner64.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'GWX.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'NDSTray.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'CFSwMgr.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'CFIWmxSvcs64.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'CFSvcs.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'NASvc.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'SBAMSvc.exe' - '109' Modul(e) wurden durchsucht
Durchsuche Prozess 'UNS.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'TosSmartSrv.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'TosSENotify.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '157' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '159' Modul(e) wurden durchsucht
Durchsuche Prozess 'plugin-container.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_20_0_0_286.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_20_0_0_286.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'lightroom.exe' - '156' Modul(e) wurden durchsucht
Durchsuche Prozess 'WISPTIS.EXE' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'thunderbird.exe' - '148' Modul(e) wurden durchsucht
Durchsuche Prozess 'foobar2000.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'NOTEPAD.EXE' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'NOTEPAD.EXE' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'NOTEPAD.EXE' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'NOTEPAD.EXE' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '88' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '125' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '36' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '15299' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <System>
Beginne mit der Suche in 'K:\' <Bunker>
    [0] Archivtyp: RSRC
    --> C:\Program Files (x86)\GetData\Recover My Files v5\RecoverMyFiles.exe
        [1] Archivtyp: RSRC
      --> C:\Program Files\Beyond Compare 4\BCompare.exe
          [2] Archivtyp: RSRC
        --> C:\Program Files\Beyond Compare 4\BCompare.exe
            [3] Archivtyp: RSRC
          --> C:\Program Files (x86)\GetData\Recover My Files v5\RecoverMyFiles.exe
              [4] Archivtyp: RSRC
            --> C:\Program Files (x86)\PC Connectivity Solution\WUDFUpdate_01009.dll
                [5] Archivtyp: RSRC
              --> C:\Windows\System32\WUDFUpdate_01009.dll
                  [6] Archivtyp: RSRC
                --> C:\Windows\System32\DriverStore\FileRepository\pccswpddriver.inf_amd64_neutral_6a1c3221782e911c\WUDFUpdate_01009.dll
                    [7] Archivtyp: RSRC
                  --> K:\$RECYCLE.BIN\S-1-5-21-50433080-710429258-2441499552-1000\$RIVOL9P\Backup Set 2016-01-17 190003\Backup Files 2016-01-17 190003\Backup files 1.zip
                      [8] Archivtyp: ZIP
                    --> C/AdwCleaner/Quarantine/C/Program Files (x86)/LyricsSeeker/131.crx.vir
                        [9] Archivtyp: CRX
                      --> cs.js
                          [FUND]      Enthält Erkennungsmuster der Adware ADWARE/AddLyrics.Gen
                          [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
K:\$RECYCLE.BIN\S-1-5-21-50433080-710429258-2441499552-1000\$RIVOL9P\Backup Set 2016-01-17 190003\Backup Files 2016-01-17 190003\Backup files 1.zip
  [FUND]      Enthält Erkennungsmuster der Adware ADWARE/AddLyrics.Gen

Beginne mit der Desinfektion:
K:\$RECYCLE.BIN\S-1-5-21-50433080-710429258-2441499552-1000\$RIVOL9P\Backup Set 2016-01-17 190003\Backup Files 2016-01-17 190003\Backup files 1.zip
  [FUND]      Enthält Erkennungsmuster der Adware ADWARE/AddLyrics.Gen
  [HINWEIS]   Die Datei wurde gelöscht.


Ende des Suchlaufs: Donnerstag, 21. Januar 2016  09:45
Benötigte Zeit:  6:35:30 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

 124915 Verzeichnisse wurden überprüft
 2528562 Dateien wurden geprüft
      2 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      1 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      0 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 2528560 Dateien ohne Befall
  31272 Archive wurden durchsucht
      1 Warnungen
   5895 Hinweise
 1841734 Objekte wurden beim Rootkitscan durchsucht
   5894 Versteckte Objekte wurden gefunden
         
Malwarebytes Anti-Malware hat einen "PUP.Optional.Conduit" an mehreren Stellen gefunden und entfernt:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 20.01.2016
Suchlaufzeit: 12:38
Protokolldatei: malwarebytes.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.01.20.03
Rootkit-Datenbank: v2016.01.09.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: benjamka

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 523536
Abgelaufene Zeit: 18 Min., 38 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.Conduit, HKU\S-1-5-21-50433080-710429258-2441499552-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, [fce7a09be8b10e2853bba80fd62d36ca], 

Registrierungswerte: 2
PUP.Optional.Conduit, HKU\S-1-5-21-50433080-710429258-2441499552-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://www.bing.com/search?pc=COSP&ptag=D011916-AD42D1DB7E9&form=CONBDF&conlogo=CT3334497&q={searchTerms}, In Quarantäne, [fce7a09be8b10e2853bba80fd62d36ca]
PUP.Optional.Conduit, HKU\S-1-5-21-50433080-710429258-2441499552-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURL, hxxp://www.bing.com/search?pc=COSP&ptag=D011916-AD42D1DB7E9&form=CONBDF&conlogo=CT3334497&q={searchTerms}, In Quarantäne, [31b2c972d3c633037b93feb9a360669a]

Registrierungsdaten: 1
PUP.Optional.Conduit, HKU\S-1-5-21-50433080-710429258-2441499552-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.bing.com/?pc=COSP&ptag=D011916-AD42D1DB7E9&form=CONMHP&conlogo=CT3334497, Gut: (www.google.com), Schlecht: (hxxp://www.bing.com/?pc=COSP&ptag=D011916-AD42D1DB7E9&form=CONMHP&conlogo=CT3334497),Ersetzt,[984b0e2dc6d39d9932a1b2077b8950b0]

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 2
PUP.Optional.Conduit, C:\Prefs.js, In Quarantäne, [01e21c1f0e8bf046144886600202748c], 
PUP.Optional.Conduit, C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\2sdewnmb.Bene\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.bing.com/?pc=COSP&ptag=D011916-AD42D1DB7E9&form=CONMHP&conlogo=CT3334497");), Ersetzt,[34afc7741188fd39b1a42db3758fc13f]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
__________________


Alt 25.01.2016, 15:31   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden - Standard

Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden



ok...die FRST Logs brauch ich noch
__________________
__________________

Alt 25.01.2016, 15:32   #19
Bene25
 
Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden - Standard

Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden



Und hier die FRST:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
durchgeführt von benjamka (Administrator) auf BBKLAPTOP (25-01-2016 13:48:53)
Gestartet von C:\Users\benjamka\Downloads
Geladene Profile: benjamka (Verfügbare Profile: benjamka & BBK 64 & Hombre & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\NETGEAR\USB Media Extender\SetQos.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Second Copy 8\SCVSSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files (x86)\Synology Data Replicator  3\SynoDrServicex64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Intelligent Display Management\TDLPowerCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
() C:\Program Files (x86)\ownCloud\owncloud.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Dropbox, Inc.) C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office 2007\Office12\ONENOTEM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TNROTATE\TNROTATE.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\Sync Utility\TosSyncScheduler.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\NETGEAR\USB Media Extender\Control Center.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtAvAC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TDLPowerCtrl] => C:\Program Files\TOSHIBA\TOSHIBA Intelligent Display Management\TDLPowerCtrl.exe [498120 2011-01-24] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-19] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [328048 2011-01-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [967544 2011-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2475384 2011-01-17] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [TNRotate] => C:\Program Files (x86)\TOSHIBA\TNRotate\TNRotate.exe [607688 2010-11-25] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-05] (TOSHIBA)
HKLM-x32\...\Run: [TSUScheduler] => C:\Program Files (x86)\TOSHIBA\Sync Utility\TosSyncScheduler.exe [923000 2010-05-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [542104 2012-12-12] (Lavasoft)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Netgear UDS Control Center] => C:\Program Files (x86)\NETGEAR\USB Media Extender\Control Center.exe [22641664 2012-06-25] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217632 2015-07-21] (Geek Software GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Run: [Dropbox Update] => C:\Users\benjamka\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1890830 2015-12-03] ()
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
ShellIconOverlayIdentifiers: [  OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll [2015-01-07] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll [2015-01-07] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll [2015-01-07] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll [2015-01-07] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll [2015-01-07] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2012-02-02]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2015-11-06]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-08-09]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2013-12-29]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\Users\BBK 64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-13]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\benjamka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\benjamka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2012-02-19]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office 2007\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-13]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-13]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-13]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Hombre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-13]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6F3EF3E1-6473-4698-9280-C471DE069571}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{EF8C008F-760B-40DB-AA0D-C662DC07F9EF}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-50433080-710429258-2441499552-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-50433080-710429258-2441499552-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-50433080-710429258-2441499552-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/places?touch=4&cat=1
HKU\S-1-5-21-50433080-710429258-2441499552-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {61A6F76C-F0EE-4F58-A7A4-EA3E809AAAE4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM -> {61A6F76C-F0EE-4F58-A7A4-EA3E809AAAE4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {61A6F76C-F0EE-4F58-A7A4-EA3E809AAAE4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-50433080-710429258-2441499552-1000 -> DefaultScope {61A6F76C-F0EE-4F58-A7A4-EA3E809AAAE4} URL = 
SearchScopes: HKU\S-1-5-21-50433080-710429258-2441499552-1000 -> {29AA9FFF-B981-40A6-8F74-F02CAD29809D} URL = hxxp://rover.ebay.com/rover/1/707-44556-9400-9/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-50433080-710429258-2441499552-1000 -> {61A6F76C-F0EE-4F58-A7A4-EA3E809AAAE4} URL = 
SearchScopes: HKU\S-1-5-21-50433080-710429258-2441499552-1000 -> {895F93D1-22C5-4CCF-8735-43F9FF5FBF91} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibade-win7-ie-search-21&index=blended&linkCode=ur2
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-28] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-28] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2012-11-22] (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05] (<TOSHIBA>)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} 
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\2sdewnmb.Bene
FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D011916-AD42D1DB7E9&form=CONMHP&conlogo=CT3334497
FF SelectedSearchEngine: Bing®
FF Homepage: www.google.de
FF Session Restore: -> ist aktiviert.
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_31\bin\new_plugin\npjp2.dll [Keine Datei]
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-04-05] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\104o7vav.default\searchplugins\google-deutschland.xml [2015-09-03]
FF SearchPlugin: C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\104o7vav.default\searchplugins\ixquick-https---deutsch.xml [2015-10-05]
FF SearchPlugin: C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\2sdewnmb.Bene\searchplugins\bing-lavasoft.xml [2016-01-19]
FF Extension: Lavasoft Search Plugin - C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\104o7vav.default\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack [2013-01-15] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\104o7vav.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
FF Extension: BetterPrivacy - C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\104o7vav.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-09-17]
FF Extension: Session Manager - C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\2sdewnmb.Bene\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2016-01-16]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-01-07] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012-12-10] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-08-09] [ist nicht signiert]
FF HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HKU\S-1-5-21-50433080-710429258-2441499552-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236968 2012-12-14] (Lavasoft Limited)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1212048 2015-09-03] (Avira Operations GmbH & Co. KG)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NuSetQos; C:\Program Files (x86)\NETGEAR\USB Media Extender\\setqos.exe [718848 2012-06-15] () [Datei ist nicht signiert]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2015-03-03] ()
R2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
R2 SCVSSService; C:\Program Files (x86)\Second Copy 8\SCVSSSvc.exe [968448 2010-04-13] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SynoDrService; C:\Program Files (x86)\Synology Data Replicator  3\SynoDrServicex64.exe [384072 2013-10-09] ()
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2013-11-08] (AVM Berlin)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-01-15] (GFI Software)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 NetgearUDSMBus; C:\Windows\SysWow64\Drivers\NetgearUDSMBus.sys [106632 2012-06-15] (Windows (R) Codename Longhorn DDK provider)
R3 NetgearUDSTcpBus; C:\Windows\SysWow64\Drivers\NetgearUDSTcpBus.sys [182920 2012-06-15] (Windows (R) Codename Longhorn DDK provider)
S3 PcaSp50; C:\Windows\System32\Drivers\PcaSp50.sys [45624 2009-08-24] (Printing Communications Assoc., Inc. (PCAUSA))
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [195416 2015-10-08] (IDRIX)
S1 SBRE; \??\C:\windows\system32\drivers\SBREdrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-25 12:22 - 2016-01-25 12:22 - 00000000 ____H C:\ProgramData\cm-lock
2016-01-22 14:09 - 2016-01-22 14:14 - 00093463 _____ C:\Users\benjamka\Downloads\Addition.txt
2016-01-22 14:08 - 2016-01-25 13:48 - 00036200 _____ C:\Users\benjamka\Downloads\FRST.txt
2016-01-22 14:08 - 2016-01-22 14:08 - 02370560 _____ (Farbar) C:\Users\benjamka\Downloads\FRST64.exe
2016-01-20 14:08 - 2016-01-20 14:08 - 00003273 _____ C:\Users\benjamka\AppData\Local\recently-used.xbel
2016-01-19 21:03 - 2016-01-19 21:03 - 00000000 ____D C:\searchplugins
2016-01-19 21:02 - 2016-01-20 09:21 - 00002896 _____ C:\windows\SysWOW64\LavasoftTcpServiceOff.ini
2016-01-19 21:02 - 2016-01-20 09:21 - 00002896 _____ C:\windows\system32\LavasoftTcpServiceOff.ini
2016-01-19 21:02 - 2016-01-19 21:02 - 00425744 _____ (Lavasoft Limited) C:\windows\system32\LavasoftTcpService64.dll
2016-01-19 21:02 - 2016-01-19 21:02 - 00345360 _____ (Lavasoft Limited) C:\windows\SysWOW64\LavasoftTcpService.dll
2016-01-19 21:02 - 2016-01-19 21:02 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\MPC-HC
2016-01-19 21:01 - 2016-01-19 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-01-19 21:01 - 2016-01-19 21:01 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2016-01-19 21:01 - 2015-12-18 11:00 - 00755200 _____ C:\windows\system32\xvidcore.dll
2016-01-19 21:01 - 2015-12-18 11:00 - 00674816 _____ C:\windows\SysWOW64\xvidcore.dll
2016-01-19 21:01 - 2015-12-18 11:00 - 00309248 _____ C:\windows\system32\xvidvfw.dll
2016-01-19 21:01 - 2015-12-18 11:00 - 00282112 _____ C:\windows\SysWOW64\xvidvfw.dll
2016-01-19 21:01 - 2015-10-24 18:00 - 00126976 _____ C:\windows\system32\ff_vfw.dll
2016-01-19 21:01 - 2015-10-24 18:00 - 00112128 _____ C:\windows\SysWOW64\ff_vfw.dll
2016-01-19 21:01 - 2015-02-28 17:22 - 03571200 _____ (x264vfw project) C:\windows\system32\x264vfw64.dll
2016-01-19 21:01 - 2015-02-28 17:21 - 03591680 _____ (x264vfw project) C:\windows\SysWOW64\x264vfw.dll
2016-01-19 21:01 - 2012-07-21 12:55 - 00180736 _____ (fccHandler) C:\windows\system32\ac3acm.acm
2016-01-19 21:01 - 2012-07-21 12:54 - 00122880 _____ (fccHandler) C:\windows\SysWOW64\ac3acm.acm
2016-01-19 21:01 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\windows\system32\lagarith.dll
2016-01-19 21:01 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\windows\SysWOW64\lagarith.dll
2016-01-19 20:57 - 2016-01-19 20:57 - 42013590 _____ ( ) C:\Users\benjamka\Downloads\K-Lite_Codec_Pack_1180_Mega.exe
2016-01-19 03:01 - 2016-01-19 03:01 - 00000000 ____D C:\Users\benjamka\AppData\Local\NokiaAccount
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p23].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p22].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p21].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p20].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p19].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p18].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p17].bmp
2016-01-16 19:14 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p16].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p15].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p14].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p13].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p12].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p11].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p10].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p09].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p08].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p07].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p06].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p05].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p04].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p03].bmp
2016-01-16 19:13 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p02].bmp
2016-01-14 13:28 - 2016-01-14 13:52 - 00000000 ____D C:\Users\benjamka\Documents\MyScans
2016-01-14 13:26 - 2016-01-14 13:29 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\Foxit Scanner Images
2016-01-13 09:42 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-01-13 09:42 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2016-01-13 09:42 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVENCOD.DLL
2016-01-13 09:42 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
2016-01-13 09:42 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOE.DLL
2016-01-13 09:42 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpmde.dll
2016-01-13 09:42 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 09:42 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
2016-01-13 09:42 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2016-01-13 09:42 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2adec.dll
2016-01-13 09:42 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-13 09:42 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2016-01-13 09:42 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\windows\SysWOW64\COLORCNV.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\windows\system32\WMVENCOD.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\windows\system32\WMADMOE.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\windows\system32\mcmde.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\COLORCNV.DLL
2016-01-13 09:42 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2016-01-13 09:42 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2016-01-13 09:42 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
2016-01-13 09:42 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
2016-01-13 09:42 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
2016-01-13 09:42 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\fixmapi.exe
2016-01-13 09:41 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-01-13 09:41 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-01-13 09:41 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-01-13 09:41 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-01-13 09:41 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-01-13 09:41 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-01-13 09:41 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-01-13 09:41 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-01-13 09:41 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-01-13 09:41 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-01-13 09:41 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-01-13 09:41 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-01-13 09:41 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-01-13 09:41 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-01-13 09:41 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-01-13 09:41 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-01-13 09:41 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-01-13 09:41 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-01-13 09:41 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-01-13 09:41 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-01-13 09:41 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-01-13 09:41 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-01-13 09:41 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-01-13 09:41 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-01-13 09:41 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-01-13 09:41 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-01-13 09:41 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-01-13 09:41 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-01-13 09:41 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-01-13 09:41 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-01-13 09:41 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-01-13 09:41 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-01-13 09:41 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-01-13 09:41 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-01-13 09:41 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-01-13 09:41 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-01-13 09:41 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-01-13 09:41 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-01-13 09:41 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-01-13 09:41 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-01-13 09:41 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-01-13 09:41 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-01-13 09:41 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-01-13 09:41 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-01-13 09:41 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-01-13 09:41 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-01-13 09:41 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-01-13 09:41 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-13 09:41 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-01-13 09:41 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-01-13 09:41 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-01-13 09:41 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-01-13 09:41 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-01-13 09:41 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-01-13 09:41 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-01-13 09:41 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-01-13 09:41 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-01-13 09:41 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-01-13 09:41 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-01-13 09:41 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-01-13 09:41 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-01-13 09:41 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-01-13 09:41 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-01-13 09:41 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-01-13 09:41 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2016-01-13 09:41 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 09:41 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVXENCD.DLL
2016-01-13 09:41 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSENCD.DLL
2016-01-13 09:41 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\VIDRESZR.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP4SDECD.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MPG4DECD.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP43DECD.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\qasf.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
2016-01-13 09:41 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP3DMOD.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\devenum.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfvdsp.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2016-01-13 09:41 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2016-01-13 09:41 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksuser.dll
2016-01-13 09:41 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOE.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\windows\system32\WMVXENCD.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\MFWMAAEC.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\WMVSENCD.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\SysFxUI.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\windows\system32\VIDRESZR.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\RESAMPLEDMO.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\windows\system32\MPG4DECD.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\windows\system32\MP43DECD.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\MP3DMOD.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\mfvdsp.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2016-01-13 09:41 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\ksuser.dll
2016-01-13 09:41 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2016-01-13 09:41 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2016-01-13 09:41 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2016-01-13 09:41 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2016-01-13 09:41 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2016-01-13 09:41 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys
2016-01-13 09:41 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-01-13 09:40 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-01-13 09:40 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-01-13 09:40 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-01-13 09:40 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-01-13 09:40 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-01-13 09:40 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-01-13 09:40 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-01-13 09:40 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-01-13 09:40 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-01-13 09:40 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-01-13 09:40 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-01-13 09:40 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-01-13 09:40 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-01-13 09:40 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-01-13 09:40 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-01-13 09:40 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-01-13 09:40 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-01-13 09:40 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-01-13 09:40 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-01-13 09:40 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-01-13 09:40 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-01-13 09:40 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-01-13 09:40 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-01-13 09:40 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-01-13 09:40 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-01-13 09:40 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-01-13 09:40 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-01-13 09:40 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-01-13 09:40 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-01-13 09:40 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-01-13 09:40 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-01-13 09:40 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-01-13 09:40 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-01-13 09:40 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-01-13 09:40 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-01-13 09:40 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-01-13 09:40 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-01-13 09:40 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-01-13 09:40 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-01-13 09:40 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-01-13 09:40 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-01-13 09:40 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-01-13 09:40 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-01-13 09:40 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-01-13 09:40 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-01-13 09:40 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-13 09:40 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-01-13 09:40 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-01-13 09:40 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-01-13 09:40 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-01-13 09:40 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-01-13 09:40 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-01-13 09:40 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-01-13 09:40 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-01-13 09:40 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-01-13 09:40 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-01-13 09:40 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-01-12 16:49 - 2016-01-19 21:02 - 00000000 ____D C:\Users\benjamka\AppData\Local\CrashDumps
2016-01-12 04:13 - 2016-01-12 04:13 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\JAM Software
2016-01-12 04:13 - 2016-01-12 04:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2016-01-12 04:13 - 2016-01-12 04:13 - 00000000 ____D C:\Program Files (x86)\JAM Software
2016-01-09 23:19 - 2016-01-09 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2016-01-09 23:16 - 2016-01-10 02:24 - 00000000 ____D C:\xampp
2016-01-09 23:04 - 2016-01-11 02:37 - 00000106 _____ C:\Users\benjamka\Documents\urls.txt
2016-01-09 01:20 - 2016-01-09 01:20 - 00273025 _____ C:\Users\benjamka\Documents\Logo2.xcf
2016-01-08 22:22 - 2016-01-08 22:22 - 00003971 _____ C:\Users\benjamka\Documents\wp-config.php
2016-01-07 11:04 - 2016-01-09 23:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-02 12:05 - 2016-01-02 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-27 20:21 - 2009-06-10 22:00 - 00000824 _____ C:\windows\system32\Drivers\etc\hosts.20151227-202141.backup
2015-12-26 02:35 - 2016-01-09 23:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-25 13:48 - 2015-11-13 22:40 - 00000000 ____D C:\FRST
2016-01-25 12:58 - 2015-06-16 11:48 - 00001236 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-50433080-710429258-2441499552-1000UA.job
2016-01-25 12:52 - 2012-09-11 19:44 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-25 12:50 - 2012-07-30 17:58 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-01-25 12:38 - 2009-07-14 05:45 - 00025120 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-25 12:38 - 2009-07-14 05:45 - 00025120 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-25 12:28 - 2011-02-11 09:21 - 00699682 _____ C:\windows\system32\perfh007.dat
2016-01-25 12:28 - 2011-02-11 09:21 - 00149790 _____ C:\windows\system32\perfc007.dat
2016-01-25 12:28 - 2009-07-14 06:13 - 01620684 _____ C:\windows\system32\PerfStringBackup.INI
2016-01-25 12:28 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2016-01-25 12:23 - 2015-11-14 01:09 - 00000000 ____D C:\Users\benjamka\AppData\Local\ownCloud
2016-01-25 12:23 - 2012-09-11 19:44 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-25 12:23 - 2012-05-30 19:58 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2016-01-25 12:23 - 2012-05-20 20:58 - 00000000 ___RD C:\Users\benjamka\Dropbox
2016-01-25 12:23 - 2012-05-20 20:56 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\Dropbox
2016-01-25 12:22 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-01-25 02:00 - 2014-08-28 22:26 - 00000000 ____D C:\Users\benjamka\AppData\Local\Adobe
2016-01-24 23:03 - 2012-01-24 21:09 - 00000000 ___RD C:\Users\benjamka
2016-01-24 19:00 - 2015-12-11 16:43 - 00000000 ____D C:\Users\benjamka\Documents\Golem
2016-01-24 15:33 - 2015-06-04 22:27 - 00000000 ____D C:\Users\benjamka\.gimp-2.8
2016-01-24 08:24 - 2015-12-09 19:11 - 00005385 _____ C:\Users\benjamka\Documents\Spamtexts.txt
2016-01-24 08:24 - 2012-01-25 21:14 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\foobar2000
2016-01-23 16:35 - 2014-08-09 16:15 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-23 15:32 - 2009-07-14 06:08 - 00032640 _____ C:\windows\Tasks\SCHEDLGU.TXT
2016-01-22 14:17 - 2015-08-17 23:07 - 00000000 ____D C:\Users\benjamka\Documents\Schrift-Feld
2016-01-22 14:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-22 14:05 - 2015-06-16 11:48 - 00001184 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-50433080-710429258-2441499552-1000Core.job
2016-01-22 13:34 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF
2016-01-20 14:22 - 2013-01-15 22:06 - 00000000 ____D C:\ProgramData\Lavasoft
2016-01-20 14:22 - 2012-02-01 20:13 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2016-01-20 14:08 - 2015-06-25 11:24 - 00000000 ____D C:\Users\benjamka\AppData\Local\gtk-2.0
2016-01-19 21:02 - 2012-02-02 03:58 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\vlc
2016-01-19 20:50 - 2012-07-30 17:58 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-01-19 20:50 - 2012-03-31 08:40 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-01-19 20:50 - 2012-01-25 10:23 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-19 10:58 - 2012-01-24 21:15 - 00110376 _____ C:\Users\benjamka\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-19 10:56 - 2009-07-14 05:45 - 00501824 _____ C:\windows\system32\FNTCACHE.DAT
2016-01-19 03:14 - 2011-05-15 18:27 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-19 03:01 - 2015-10-13 21:56 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\Nokia Suite
2016-01-19 03:01 - 2015-10-13 21:56 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\Nokia
2016-01-19 03:01 - 2015-10-13 21:18 - 00000000 ____D C:\ProgramData\Nokia
2016-01-19 03:01 - 2015-10-13 21:17 - 00000000 ____D C:\Program Files (x86)\Nokia
2016-01-16 19:28 - 2013-01-22 19:33 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\FileZilla
2016-01-14 17:47 - 2009-07-14 04:20 - 00000000 ____D C:\windows\rescache
2016-01-14 16:09 - 2014-08-14 18:33 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-14 14:08 - 2013-11-22 16:55 - 00000000 ____D C:\Users\benjamka\Documents\Business
2016-01-14 13:19 - 2011-05-15 18:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-01-14 13:18 - 2011-05-15 18:27 - 00000000 ____D C:\ProgramData\Adobe
2016-01-14 13:09 - 2015-11-24 19:27 - 00000000 ___RD C:\Users\benjamka\Documents\Scanned Documents
2016-01-14 11:36 - 2013-03-14 17:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 11:36 - 2013-03-14 17:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 23:30 - 2013-03-14 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 23:30 - 2012-01-25 17:12 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-13 23:16 - 2014-02-14 20:24 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\MyPhoneExplorer
2016-01-13 12:19 - 2015-04-16 18:24 - 00000000 ____D C:\windows\system32\appraiser
2016-01-13 12:19 - 2014-05-06 21:40 - 00000000 ___SD C:\windows\system32\CompatTel
2016-01-13 01:40 - 2015-09-14 20:59 - 00000000 ____D C:\Users\benjamka\Documents\Eigene Scans
2016-01-09 23:08 - 2012-05-12 13:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-08 16:00 - 2014-04-26 14:03 - 00001962 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2016-01-08 16:00 - 2013-01-22 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-01-08 16:00 - 2013-01-22 19:33 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2016-01-05 05:06 - 2012-02-21 22:26 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\Skype
2016-01-03 15:20 - 2015-08-09 13:43 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\HpUpdate
2016-01-02 12:06 - 2011-05-15 18:55 - 00000000 ____D C:\ProgramData\Skype
2016-01-02 12:05 - 2014-03-19 23:14 - 00000000 ____D C:\Users\benjamka\AppData\Local\Skype
2016-01-02 12:05 - 2011-05-15 18:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-27 19:32 - 2013-08-22 20:55 - 00000000 ____D C:\Program Files (x86)\Steam

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-20 14:08 - 2016-01-20 14:08 - 0003273 _____ () C:\Users\benjamka\AppData\Local\recently-used.xbel
2014-02-09 21:36 - 2015-11-08 13:29 - 0007627 _____ () C:\Users\benjamka\AppData\Local\Resmon.ResmonCfg
2016-01-16 19:13 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p02].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p03].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p04].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p05].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p06].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p07].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p08].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p09].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p10].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p11].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p12].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p13].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p14].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p15].bmp
2016-01-16 19:14 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p16].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p17].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p18].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p19].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p20].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p21].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p22].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p23].bmp
2012-12-26 00:20 - 2013-11-22 16:33 - 0000040 ___SH () C:\ProgramData\.zreglib
2016-01-25 12:22 - 2016-01-25 12:22 - 0000000 ____H () C:\ProgramData\cm-lock
2012-02-21 22:28 - 2012-02-21 22:28 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2015-08-03 19:02 - 2015-08-09 14:19 - 0034260 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\BBK 64\AppData\Local\Temp\avgnt.exe
C:\Users\benjamka\AppData\Local\Temp\avgnt.exe
C:\Users\Gast\AppData\Local\Temp\AskSLib.dll
C:\Users\Gast\AppData\Local\Temp\avgnt.exe
C:\Users\Hombre\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-19 13:14

==================== Ende von FRST.txt ============================
         

Alt 25.01.2016, 15:59   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden - Standard

Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden



Addition.txt Logfile fehlt

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 25.01.2016, 16:09   #21
Bene25
 
Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden - Standard

Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden



Sorry...

Hier die Addition.txt:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-01-2016
durchgeführt von benjamka (2016-01-22 14:09:40)
Gestartet von C:\Users\benjamka\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-01-24 20:09:27)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-50433080-710429258-2441499552-500 - Administrator - Disabled)
BBK 64 (S-1-5-21-50433080-710429258-2441499552-1004 - Administrator - Enabled) => C:\Users\BBK 64
benjamka (S-1-5-21-50433080-710429258-2441499552-1000 - Administrator - Enabled) => C:\Users\benjamka
Gast (S-1-5-21-50433080-710429258-2441499552-501 - Limited - Enabled) => C:\Users\Gast
Hombre (S-1-5-21-50433080-710429258-2441499552-1005 - Limited - Enabled) => C:\Users\Hombre
HomeGroupUser$ (S-1-5-21-50433080-710429258-2441499552-1007 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Lavasoft Ad-Aware (Enabled - Out of date) {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
AS: Avira Antivirus (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Lavasoft Ad-Aware (Enabled - Out of date) {5BB89C30-6480-BC7C-9F17-199BD76F557A}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Lavasoft Ad-Aware (Enabled) {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4500_G510nz_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Ad-Aware Antivirus (HKLM-x32\...\{2819e172-81d5-4113-88bd-4605b02344e0}) (Version: 10.4.49.4168 - Lavasoft)
Ad-Aware Browsing Protection (HKLM-x32\...\Ad-Aware Browsing Protection) (Version: 1.0.1.82 - Lavasoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.3.13070 - Adobe Systems Inc.)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Illustrator CS (HKLM-x32\...\{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}) (Version: 11 - Adobe Systems, Inc.)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.106.303.203 - ALPS ELECTRIC CO., LTD.)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aptana Studio 3 (HKLM-x32\...\Aptana Studio 3) (Version: 3.0.0 - Appcelerator, Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.00.007 - Atheros Communications)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v8.00.06(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version:  - )
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version:  - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.12.51.2 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.12.2.1 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.4.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.12.2.0 - Canon Inc.)
CBL Daten-Shredder (HKLM-x32\...\{560E96B3-356D-4572-9FE3-B44F9AB92622}) (Version: 1.0.0 - CBL Datenrettung GmbH)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Counter-Strike: Source (HKLM-x32\...\{9580813D-94B1-4C28-9426-A441E2BB29A5}) (Version: 1.0.0.0 - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.3.20130522 - Landesfinanzdirektion Thüringen)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
File Scavenger 4.3 (en) (HKLM-x32\...\QueTek File Scavenger 4.3 (en)) (Version: 4.3.2.0 - QueTek Consulting Corporation)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
foobar2000 v1.1.10 (HKLM-x32\...\foobar2000) (Version: 1.1.10 - Peter Pawlowski)
FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\2db37667170956ee) (Version: 2.3.2.0 - AVM Berlin)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GetDataBack for FAT (HKLM-x32\...\{2EEEC858-21F8-419B-8FE2-820621BFFCD7}) (Version: 4.33.000 - Runtime Software)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.33.000 - Runtime Software)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM-x32\...\{4BA6784F-3B10-473A-B9F5-33A36AC354D5}) (Version: 3.0.14358 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.05) (Version: 9.05 - Artifex Software Inc.)
GrampsAIO64 (HKLM-x32\...\GrampsAIO64 4.1.2) (Version: 4.1.2 - The GRAMPS project)
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Macromedia Extension Manager (HKLM-x32\...\{0F022A2E-7022-497D-90A5-0F46746D8275}) (Version: 1.7.270 - Ihr Firmenname)
Macromedia Flash 8 (HKLM-x32\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Macromedia Flash Player 8 (HKLM-x32\...\{885A63EA-382B-4DD4-A755-14809B8557D6}) (Version: 8.0.22.0 - Macromedia)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 de) (HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.6.11500.16.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.2.10400.5.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.2.13300.36.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{0FF68F26-416C-4954-ACA5-6AD5F9DE99C1}) (Version: 10.5.14800 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.2.10800.9.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10300.25.0 - Nero AG)
NETGEAR Powerline Utility (HKLM-x32\...\InstallShield_{2753B568-6F85-4E31-A114-A7F8D8606DDD}) (Version: 3.1.0.3 - NETGEAR Powerline)
NETGEAR Powerline Utility (x32 Version: 3.1.0.3 - NETGEAR Powerline) Hidden
NETGEAR USB Media Extender  (HKLM-x32\...\{402E9ECB-92CE-49EE-8ABC-ECE73D009ED8}) (Version: 1.31 - NETGEAR)
Network64 (Version: 130.0.550.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Open Sea Map - Data Logger - Logs data from ship's data networks (HKLM-x32\...\Open Sea Map Data Logger) (Version: "1.0.0" - "Open Sea Map")
ownCloud (HKLM-x32\...\ownCloud) (Version: 2.1.0.5683 - ownCloud)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect (HKLM-x32\...\{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}) (Version: 1.0.41.8362 - pdfforge)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.3.0 - Prolific Technology INC)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PRE12 STI 64Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6293 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.1 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.1 - Renesas Electronics Corporation) Hidden
RICOH Media Driver v2.13.17.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.13.17.01 - RICOH)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steam(TM) (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Synology Cloud Station (HKLM-x32\...\{102406C7-6BD4-47AA-A858-A54C7002E32E}) (Version: 3.1.3320 - Synology)
Synology Data Replicator  3 (HKLM-x32\...\{8E310838-457C-4269-B177-3EFB300CBDDC}) (Version: 1.0.0.0 - Synology Inc.)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.16642 - TeamViewer)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TOSHIBA 180 Degrees Rotation Utility (HKLM-x32\...\{FEDFB4DC-E149-4897-B616-4811C718E54F}) (Version: 1.4.0 - TOSHIBA Corporation)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{43DBC64B-3DD1-47E2-8788-D3C3B110C574}) (Version: 2.1.10.64 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM-x32\...\{38C52F7D-A6CB-4CE7-A189-8AABE8774D8A}) (Version: 8.0.38 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.9 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{6FF9A012-0254-41E9-81E2-F538C4B53611}) (Version: 1.3.2.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.8.64 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.8 - TOSHIBA Corporation)
TOSHIBA Intelligent Display Management (HKLM\...\{636E2BA9-126F-493D-A033-343C145AAD87}) (Version: 1.0.3.0 - TOSHIBA Corporation)
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.02 - TOSHIBA)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.86.2 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.6.1 - TOSHIBA CORPORATION)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 4.00.0008 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.7.64 - TOSHIBA Corporation)
TOSHIBA Places Icon Utility (HKLM-x32\...\{461F6F0D-7173-4902-9604-AB1A29108AF2}) (Version: 1.1.1.4 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.5109 - TOSHIBA CORPORATION)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.18.64 - TOSHIBA Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.0 - TOSHIBA Corporation)
TOSHIBA Security Assist (HKLM-x32\...\{1E63ACB5-D45E-4856-8FC9-78F4B0D7BB80}) (Version: 2.0.9 - TOSHIBA)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.52 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.7 - TOSHIBA Corporation)
TOSHIBA Sync Utility (HKLM-x32\...\{CCF62642-ECB1-4D2B-80C0-3FD3286AEAED}) (Version: 2.0.3060 - TOSHIBA Corporation)
TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.5.10.64 - TOSHIBA Corporation)
TOSHIBA VIDEO PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 4.00.4.60-A - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 1.1.7.1 - TOSHIBA Corporation)
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{5BA99779-6E12-49EF-BE49-F35B1EDB4DF9}) (Version: 1.0.4 - TOSHIBA CORPORATION)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 beta 12 - Ghisler Software GmbH)
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.16 - IDRIX)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.15-1 - Bitnami)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\InprocServer32 -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll (Toshiba Corporation)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {206FF519-2D66-4E99-B239-D287DB41B0B4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {3BC1310F-6262-42B9-AB22-8764714495F3} - \Lyrics Seeker Update -> Keine Datei <==== ACHTUNG
Task: {533CC4DB-ED83-4A01-86D2-45C2C6C5B463} - System32\Tasks\AdobeAAMUpdater-1.0-BBKLAPTOP-benjamka => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {57A33E44-A40B-46D7-9614-BFEF1DE09CDB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {5DC2A5C6-291E-431E-A4BA-0D992EDAC946} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-50433080-710429258-2441499552-1000UA => C:\Users\benjamka\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {5F67D011-55AA-45C2-A392-FCF737176BF3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.)
Task: {612FDC98-97F1-4126-AFA2-2AA3D1E9A694} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-50433080-710429258-2441499552-1000Core => C:\Users\benjamka\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {667B4007-3460-4B4D-AF2C-0C5FB1448F21} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated)
Task: {806B77B1-FDCD-4237-AFD5-B41275BFFB69} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {81195C19-3472-43E1-9EF1-E3BD96BE36FE} - System32\Tasks\{008D639C-C03A-41C9-BEF9-9FAEFC132657} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {8EA91B99-DF5D-4D52-97B5-434ABC07657E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {A38DB3D4-273D-4B21-A5C1-65B9CE1D48D5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {BB590BE5-9A30-423B-B339-6D03DAC80375} - System32\Tasks\Microsoft\Windows\Setup\xtgt\refreshxtgtconfig => C:\Windows\system32\XTgt\XTgtMgr.exe [2015-10-05] (Microsoft Corporation)
Task: {C12F51AA-FD5C-4DC2-B4DD-BB5F0C966510} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {D9209408-5882-4E3F-B395-A413AC2F0E07} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.)
Task: {DC404808-131E-4D79-A6F9-5E68B8D971CC} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-12-03] (TOSHIBA CORPORATION)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {E17171CB-9A8A-466D-B3A0-96D8BDD6E81E} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe [2012-12-14] (Lavasoft Limited)
Task: {F5380E93-EEE0-4354-8FD2-0958E256E503} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {FC21203B-2B24-4388-9208-6B84BBA593A5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-50433080-710429258-2441499552-1000Core.job => C:\Users\benjamka\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-50433080-710429258-2441499552-1000UA.job => C:\Users\benjamka\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-01-21 20:45 - 2012-11-28 18:50 - 00019880 _____ () C:\windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2012-06-15 11:31 - 2012-06-15 11:31 - 00718848 _____ () C:\Program Files (x86)\NETGEAR\USB Media Extender\setqos.exe
2015-03-03 00:53 - 2015-03-03 00:57 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2013-05-15 20:33 - 2010-04-13 15:40 - 00968448 _____ () C:\Program Files (x86)\Second Copy 8\SCVSSSvc.exe
2013-10-09 10:52 - 2013-10-09 10:52 - 00384072 _____ () C:\Program Files (x86)\Synology Data Replicator  3\SynoDrServicex64.exe
2011-04-07 21:59 - 2011-04-07 21:59 - 00592312 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2015-06-19 02:31 - 2015-06-19 02:31 - 00059392 _____ () C:\Program Files (x86)\ownCloud\shellext\OCUtil_x64.dll
2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-02-02 23:43 - 2012-01-09 19:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2010-11-19 01:18 - 2010-11-19 01:18 - 11190784 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2011-03-03 22:21 - 2011-03-03 22:21 - 03420584 _____ () C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll
2015-12-03 10:27 - 2015-12-03 10:27 - 01890830 _____ () C:\Program Files (x86)\ownCloud\owncloud.exe
2013-12-29 23:05 - 2013-10-03 10:42 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2012-06-25 10:19 - 2012-06-25 10:19 - 22641664 _____ () C:\Program Files (x86)\NETGEAR\USB Media Extender\Control Center.exe
2014-12-12 23:24 - 2014-12-12 23:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2010-12-08 23:42 - 2010-12-08 23:42 - 00079264 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2011-12-02 16:07 - 2011-12-02 16:07 - 02046976 _____ () C:\Program Files (x86)\foobar2000\foobar2000.exe
2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-30 14:04 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-10-30 14:04 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-10-30 14:04 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-10-30 14:04 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-10-30 14:04 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-12-03 10:27 - 2015-12-03 10:27 - 00681998 _____ () C:\Program Files (x86)\ownCloud\libocsync.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00097326 _____ () C:\Program Files (x86)\ownCloud\libgcc_s_sjlj-1.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00922727 _____ () C:\Program Files (x86)\ownCloud\libstdc++-6.dll
2015-12-03 10:27 - 2015-12-03 10:27 - 01022478 _____ () C:\Program Files (x86)\ownCloud\libowncloudsync.dll
2015-08-06 08:10 - 2015-08-06 08:10 - 00085548 _____ () C:\Program Files (x86)\ownCloud\zlib1.dll
2015-08-06 16:48 - 2015-08-06 16:48 - 00051095 _____ () C:\Program Files (x86)\ownCloud\libqt5keychain.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 02197765 _____ () C:\Program Files (x86)\ownCloud\icui18n53.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 01308778 _____ () C:\Program Files (x86)\ownCloud\icuuc53.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 21539975 _____ () C:\Program Files (x86)\ownCloud\icudata53.dll
2015-08-06 08:11 - 2015-08-06 08:11 - 00148117 _____ () C:\Program Files (x86)\ownCloud\libpcre16-0.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 01366986 _____ () C:\Program Files (x86)\ownCloud\libGLESv2.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00209711 _____ () C:\Program Files (x86)\ownCloud\libpng16-16.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 00154982 _____ () C:\Program Files (x86)\ownCloud\libEGL.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00350662 _____ () C:\Program Files (x86)\ownCloud\libjpeg-8.dll
2015-08-06 08:17 - 2015-08-06 08:17 - 00689339 _____ () C:\Program Files (x86)\ownCloud\libsqlite3-0.dll
2015-08-06 10:35 - 2015-08-06 10:35 - 00247540 _____ () C:\Program Files (x86)\ownCloud\libwebp-4.dll
2015-08-06 08:26 - 2015-08-06 08:26 - 01169416 _____ () C:\Program Files (x86)\ownCloud\libxml2-2.dll
2015-08-06 10:38 - 2015-08-06 10:38 - 00231727 _____ () C:\Program Files (x86)\ownCloud\libxslt-1.dll
2013-12-29 23:05 - 2013-10-03 10:42 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2015-12-11 14:11 - 2015-10-31 01:59 - 00034768 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00022848 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00023352 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00042296 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-11 14:11 - 2015-10-31 01:59 - 00116688 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-11 14:11 - 2015-10-31 01:59 - 00093640 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-11 14:11 - 2015-10-31 01:59 - 00018376 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00019760 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00105928 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-11 14:11 - 2015-10-31 01:59 - 00392144 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-11 14:11 - 2015-12-08 22:36 - 00381752 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-11 14:11 - 2015-10-31 01:59 - 00692688 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00020816 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00109520 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 01737032 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00020808 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00020800 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00021840 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00038696 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00024528 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00020936 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00114640 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00021320 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00124880 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00030160 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00043472 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00175560 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00028616 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00048592 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00024392 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00036296 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-11 14:11 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00117056 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00023376 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-11 14:11 - 2015-10-31 01:59 - 00134608 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-11 14:11 - 2015-10-31 01:59 - 00134088 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00240584 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00020280 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00052024 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00021304 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00350152 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00084792 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-11 14:11 - 2015-12-08 22:36 - 01826608 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00083912 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 03891504 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 01950000 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00519984 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00133936 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00225080 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00207672 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00024904 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00486704 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00357680 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 22:45 - 2015-10-31 02:01 - 00019920 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00786904 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 23:59 - 2015-10-31 02:00 - 00063448 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00063432 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 01135568 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2014-06-21 13:14 - 2015-07-21 10:43 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll
2014-06-21 13:14 - 2015-07-21 10:43 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll
2013-01-15 22:13 - 2014-12-19 05:01 - 00192376 _____ () C:\Program Files (x86)\Ad-Aware Antivirus\Definitions\libBase64.dll
2013-01-15 22:13 - 2014-12-19 05:01 - 00180088 _____ () C:\Program Files (x86)\Ad-Aware Antivirus\Definitions\libMachoUniv.dll
2015-10-16 11:02 - 2015-10-16 11:02 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-12-26 02:35 - 2016-01-09 19:59 - 00153032 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-12-26 02:35 - 2016-01-09 19:59 - 00022472 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2015-11-11 03:41 - 2015-11-11 03:41 - 00756376 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2016-01-19 20:50 - 2016-01-19 20:50 - 17882304 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll
2010-04-21 13:48 - 2010-04-21 13:48 - 00066560 _____ () C:\Program Files (x86)\foobar2000\zlib1.dll
2011-12-02 16:04 - 2011-12-02 16:04 - 00148480 _____ () C:\Program Files (x86)\foobar2000\shared.dll
2011-12-02 16:05 - 2011-12-02 16:05 - 01483264 _____ () C:\Program Files (x86)\foobar2000\components\foo_input_std.dll
2011-12-02 16:06 - 2011-12-02 16:06 - 00365056 _____ () C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll
2011-12-02 16:06 - 2011-12-02 16:06 - 00276480 _____ () C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll
2011-12-02 16:05 - 2011-12-02 16:05 - 00283136 _____ () C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll
2011-12-02 16:05 - 2011-12-02 16:05 - 00483840 _____ () C:\Program Files (x86)\foobar2000\components\foo_converter.dll
2012-07-13 14:36 - 2011-06-12 22:17 - 01858048 _____ () C:\Program Files (x86)\foobar2000\components\foo_dop.dll
2011-12-02 16:05 - 2011-12-02 16:05 - 00171008 _____ () C:\Program Files (x86)\foobar2000\components\foo_unpack.dll
2011-12-02 16:05 - 2011-12-02 16:05 - 00276480 _____ () C:\Program Files (x86)\foobar2000\components\foo_fileops.dll
2011-12-02 16:06 - 2011-12-02 16:06 - 01130496 _____ () C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll
2011-12-02 16:05 - 2011-12-02 16:05 - 00237568 _____ () C:\Program Files (x86)\foobar2000\components\foo_freedb2.dll
2011-12-02 16:06 - 2011-12-02 16:06 - 00299008 _____ () C:\Program Files (x86)\foobar2000\components\foo_cdda.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service => ""="Ad-Aware Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ad-Aware Service => ""="Ad-Aware Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7867 mehr Seiten.

IE trusted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7867 mehr Seiten.

IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1004\...\123simsen.com -> www.123simsen.com

Da befinden sich 7866 mehr Seiten.

IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1005\...\123simsen.com -> www.123simsen.com

Da befinden sich 7866 mehr Seiten.

IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-501\...\123simsen.com -> www.123simsen.com

Da befinden sich 7866 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-50433080-710429258-2441499552-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\benjamka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-50433080-710429258-2441499552-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\BBK 64\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-50433080-710429258-2441499552-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Hombre\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-50433080-710429258-2441499552-501\Control Panel\Desktop\\Wallpaper -> C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Toshiba Places Icon Utility.lnk => C:\windows\pss\Toshiba Places Icon Utility.lnk.CommonStartup
MSCONFIG\startupreg: Ad-Aware Antivirus => "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
MSCONFIG\startupreg: Toshiba Registration => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
MSCONFIG\startupreg: Toshiba TEMPRO => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
MSCONFIG\startupreg: TosReelTimeMonitor => %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
MSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{18F9B4CF-3355-4DFE-9A11-D544039302FF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0AEE0B96-C74A-41C4-B0D7-52425B60CC47}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7E4BAF6A-B2BF-4C1C-A432-BA8825ADEF25}] => (Allow) LPort=2869
FirewallRules: [{F6200A9A-D8DC-4617-9C3B-2631DDDE95DB}] => (Allow) LPort=1900
FirewallRules: [{43FC74DA-1CCE-4F15-913D-635F2B84115E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A5482107-A5A1-4B1E-A0BF-D0D5E728C283}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{50CA9607-1D43-411F-A483-16BD03B2902B}] => (Allow) C:\Program Files (x86)\Microsoft Office 2007\Office12\GROOVE.EXE
FirewallRules: [{750BDA4C-701B-4E79-92F2-56F29D3AFCF7}] => (Allow) C:\Program Files (x86)\Microsoft Office 2007\Office12\GROOVE.EXE
FirewallRules: [{872C8B78-429A-444A-BA1E-8AA79F340C81}] => (Allow) C:\Program Files (x86)\Microsoft Office 2007\Office12\ONENOTE.EXE
FirewallRules: [{3B34C576-1E96-4C9B-8830-1FAF738001D8}] => (Allow) C:\Program Files (x86)\Microsoft Office 2007\Office12\ONENOTE.EXE
FirewallRules: [TCP Query User{290FD82D-744F-4563-BB4D-566EAF8A35DA}C:\program files (x86)\microsoft office 2007\office12\groove.exe] => (Block) C:\program files (x86)\microsoft office 2007\office12\groove.exe
FirewallRules: [UDP Query User{009B87DA-B380-4B5E-8E95-AA6D96F66C91}C:\program files (x86)\microsoft office 2007\office12\groove.exe] => (Block) C:\program files (x86)\microsoft office 2007\office12\groove.exe
FirewallRules: [{6ECD5366-F230-4D9A-8475-B19A133B0997}] => (Allow) D:\fsetup.exe
FirewallRules: [{A6B0C297-39D7-4AE5-8F73-72D7152A034E}] => (Allow) D:\fsetup.exe
FirewallRules: [TCP Query User{0808B48E-0F94-4355-81D5-C327815353C0}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{7BCEEF7D-9774-4A50-8D57-7884CEA9FEFF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{C57FF549-1292-430A-AA52-E86DB915416D}] => (Allow) C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C0715ED8-A10D-4CAF-ADB5-8873988C001E}] => (Allow) C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D40F8F1B-E8EA-4AB7-A73F-A2714B71F44A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{1794BA9E-C5FB-46A5-8BA6-61E092ABD086}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9059B235-D15D-44F1-BBFA-9E8464658AD2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{459AEDE0-A773-49A6-AA3A-1CA18CFCD9F2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D4EE5496-ED1E-4AE2-9769-FD54D3F59260}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EFA2E455-9780-4321-AA57-2DB9076619CD}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{CCDA79A0-1B87-4DFF-8FF1-75046488DAAF}C:\users\benjamka\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\benjamka\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{74CC3B9D-9D4C-4F71-B8BB-C3EDB7D9258C}C:\users\benjamka\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\benjamka\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{2893CA94-B315-4C4B-905C-6763A8268B26}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{EADBD15E-1BD8-48A6-BC05-BAB4C0E09FC4}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{2CCFD4B7-9196-4106-8EC0-BF94EF15EBEC}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{12D95F95-5719-46CB-AADA-A4C6AFA5DDA7}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{C5F8245F-2D8D-4E79-817A-A771DB1A0293}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{D264E3A8-828E-4490-91D0-A80340AA544D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{9A9DD54F-0EBD-4DF4-A6F8-755DCDAA8C1F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{047E83B1-8FFD-4EB6-880A-B39D73DD215A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [TCP Query User{C21B43D8-3ABE-4D6D-A569-130CCE4049C0}C:\program files (x86)\aptana s3\aptanastudio3.exe] => (Block) C:\program files (x86)\aptana s3\aptanastudio3.exe
FirewallRules: [UDP Query User{E3C65BF3-1B18-49C7-B585-A72D5360EE61}C:\program files (x86)\aptana s3\aptanastudio3.exe] => (Block) C:\program files (x86)\aptana s3\aptanastudio3.exe
FirewallRules: [{E7758F1E-63EC-45FD-9B85-2415BB68CC52}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B10DFC3C-0C9B-4D4C-803F-2BB6C0D22966}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{956CEC33-57A0-4ED1-9491-06EE748AE28F}] => (Allow) C:\Users\benjamka\AppData\Local\Apps\2.0\422DB9VB.QPA\KCW72ZC9.DW9\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [{90692234-AB12-4938-BB19-B05AD3C4398D}] => (Allow) C:\Users\benjamka\AppData\Local\Apps\2.0\422DB9VB.QPA\KCW72ZC9.DW9\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [{653789C9-2244-4292-B8D5-ECCC7F39ED2C}] => (Allow) C:\Users\benjamka\AppData\Local\Apps\2.0\422DB9VB.QPA\KCW72ZC9.DW9\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [{8A8A586E-BBFD-49C2-921B-70552DBA4505}] => (Allow) C:\Users\benjamka\AppData\Local\Apps\2.0\422DB9VB.QPA\KCW72ZC9.DW9\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [TCP Query User{7D2883FE-1DE7-4647-AB3F-CC614D0D1BCE}C:\program files (x86)\netgear\netgear powerline utility\namepipeserver.exe] => (Allow) C:\program files (x86)\netgear\netgear powerline utility\namepipeserver.exe
FirewallRules: [UDP Query User{43964E8F-4E80-426D-A03B-B027ADA07193}C:\program files (x86)\netgear\netgear powerline utility\namepipeserver.exe] => (Allow) C:\program files (x86)\netgear\netgear powerline utility\namepipeserver.exe
FirewallRules: [{85EEB40F-87B1-4E2C-BE65-FF46E1E96359}] => (Allow) C:\Program Files (x86)\NETGEAR\USB Media Extender\Control Center.exe
FirewallRules: [{5A69410F-94CE-4A98-B9A9-5520C598DECE}] => (Allow) C:\Program Files (x86)\NETGEAR\USB Media Extender\Control Center.exe
FirewallRules: [{A37CA65D-E391-4E7C-B7F2-AA1616B3C220}] => (Allow) LPort=7423
FirewallRules: [TCP Query User{1DE2F863-C392-43BF-8DB8-77CEC9E588E1}C:\program files (x86)\netgear\usb media extender\control center.exe] => (Allow) C:\program files (x86)\netgear\usb media extender\control center.exe
FirewallRules: [UDP Query User{7B49CC51-7112-4674-B482-AD99D8E9929D}C:\program files (x86)\netgear\usb media extender\control center.exe] => (Allow) C:\program files (x86)\netgear\usb media extender\control center.exe
FirewallRules: [{435E377B-2111-4A5E-8FDB-C415E3C62290}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D30E6E9E-54FC-4B72-8D94-8E293F34C409}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{0CBA0D94-61A8-411A-8370-42C359239AD3}] => (Allow) C:\Users\benjamka\AppData\Local\Apps\2.0\422DB9VB.QPA\KCW72ZC9.DW9\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{C6678117-7A35-4AE5-A677-8433A92E88A2}] => (Allow) C:\Users\benjamka\AppData\Local\Apps\2.0\422DB9VB.QPA\KCW72ZC9.DW9\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [TCP Query User{8D8DCD9C-5994-4CBC-90D2-FDD63A2A4A80}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{B27ED4E2-B59D-486A-8526-719F80E23CAC}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{8AA0389B-D88D-4258-BB47-869BBFF7F547}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{7CB416AF-ECBC-4AC7-99ED-F6369D7FE7DD}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{ED0A0AE5-9288-4F8C-90C2-58E91CC48307}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A70AB663-1A21-41F4-A0EF-6408C418ED3C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2AE23FEB-2DB7-49EB-ADBC-06026A976947}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{20843831-991E-4452-B606-916DF6A2C163}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{D614FBCD-8932-4A15-AFD6-145F2D7F5622}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{C7087D5D-CFDC-42AF-8B42-9123E6A48EE1}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{4FDC107C-92E7-481D-ADA7-4E9688AC5B3D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2A802569-8847-4BAD-B985-A1259E64E879}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{6798A8E8-1689-49AC-A3CB-45C5A2B4D8DF}C:\program files (x86)\xmind\xmind.exe] => (Block) C:\program files (x86)\xmind\xmind.exe
FirewallRules: [UDP Query User{42E56A99-7257-4A61-9409-735A688E1E5D}C:\program files (x86)\xmind\xmind.exe] => (Block) C:\program files (x86)\xmind\xmind.exe
FirewallRules: [{086C1F9A-EAF8-433A-9EB6-38835A5D6F9B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B39F605D-7624-4FC1-96E0-56CFF1B7A75A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{42024F60-7C4C-49F5-9100-53A5BD952780}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{63C4A8D5-AE82-4CED-AF04-D1CE54DEEA4E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{9343847B-823D-406E-8EF0-DDA067BABE4C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{703F3735-EB12-4AE9-91C5-861A603A739C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{3D4E75DF-1E7F-4FF5-B7AF-58EA8A4FF3BC}C:\program files (x86)\xmind\xmind.exe] => (Allow) C:\program files (x86)\xmind\xmind.exe
FirewallRules: [UDP Query User{730F680A-9F93-496B-BBDD-45DCC5B737D8}C:\program files (x86)\xmind\xmind.exe] => (Allow) C:\program files (x86)\xmind\xmind.exe
FirewallRules: [{F108CA64-DB8D-461D-A2F1-F046D0E34A4E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{01665006-C410-4A51-825C-8EE9584EEF2E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{6E21E433-8E73-4352-9706-8038C7C56DE0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{A755771B-BB5C-4B92-A3C0-1961F9297838}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{0224646B-7B76-447A-90B1-FA9BD06733F3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{B27425B9-2E2A-4DC5-986A-62190D84B0A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{C42DF63F-84E3-48BC-A5F8-1BCF05462D8E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{B4C011C8-3310-4180-A289-BB6EC225906F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{E01EFA1A-E680-47EC-B4A4-42E8843BFBAF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{AC0BC2B0-49C4-4F97-B52B-DBDBCEA42266}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{3B8611BD-2B58-4688-BC26-894590614A06}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{D3C91DD3-D003-44E7-8CD2-F784E934685A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{8EDA2C51-9765-42B4-A010-35A7DE6AEA20}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{92404291-EDF3-4B0D-9FC8-C6C00487F9AA}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{45C1BA4C-B108-4C7A-AA32-343A321A483E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2C4083D5-3893-4DE7-883E-2CA61B6A02CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Officejet 4500 G510n-z
Description: Officejet 4500 G510n-z
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: TeamViewer VPN Adapter
Description: TeamViewer VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TeamViewer GmbH
Service: teamviewervpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Officejet 4500 G510n-z
Description: Officejet 4500 G510n-z
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/22/2016 01:35:08 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/22/2016 11:44:03 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/22/2016 11:44:03 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/20/2016 02:41:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2016 02:39:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 5d8

Startzeit: 01d1535cbc581d67

Endzeit: 202

Anwendungspfad: C:\windows\Explorer.EXE

Berichts-ID: 67f6fe8a-bf79-11e5-8c4c-e89d87f3862a

Error: (01/20/2016 09:22:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2016 09:02:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 43.0.4.5848, Zeitstempel: 0x568c88bd
Name des fehlerhaften Moduls: mozglue.dll, Version: 43.0.4.5848, Zeitstempel: 0x568c7b16
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ed44
ID des fehlerhaften Prozesses: 0x2008
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (01/19/2016 09:02:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 43.0.4.5848, Zeitstempel: 0x568c88bd
Name des fehlerhaften Moduls: mozglue.dll, Version: 43.0.4.5848, Zeitstempel: 0x568c7b16
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ed44
ID des fehlerhaften Prozesses: 0xd90
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (01/19/2016 10:56:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2016 03:02:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 43.0.4.5848, Zeitstempel: 0x568c88bd
Name des fehlerhaften Moduls: mozglue.dll, Version: 43.0.4.5848, Zeitstempel: 0x568c7b16
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ed44
ID des fehlerhaften Prozesses: 0xfe8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3


Systemfehler:
=============
Error: (01/22/2016 11:54:51 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/20/2016 02:41:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SBRE

Error: (01/20/2016 09:22:09 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SBRE

Error: (01/19/2016 09:07:09 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/19/2016 01:41:25 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/19/2016 10:56:47 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SBRE

Error: (01/19/2016 04:48:56 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/18/2016 01:27:55 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/18/2016 12:04:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SBRE

Error: (01/18/2016 05:04:36 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SBRE


CodeIntegrity:
===================================
  Date: 2013-11-30 00:45:47.691
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\NetgearUDSMBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-30 00:45:47.629
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\NetgearUDSMBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-30 00:45:47.520
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\NetgearUDSMBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-30 00:45:47.457
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\NetgearUDSMBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-29 23:58:18.780
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\NetgearUDSMBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-29 23:58:18.702
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\NetgearUDSMBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-29 23:58:18.624
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\NetgearUDSMBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-29 23:58:18.562
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\NetgearUDSMBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 80%
Installierter physikalischer RAM: 4069.43 MB
Verfügbarer physikalischer RAM: 799.09 MB
Summe virtueller Speicher: 7465.71 MB
Verfügbarer virtueller Speicher: 2265.8 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:103.23 GB) (Free:3.1 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: () (Removable) (Total:29.02 GB) (Free:22.25 GB) FAT32
Drive k: (Bunker) (Fixed) (Total:931.51 GB) (Free:137.68 GB) NTFS
Drive y: (BeneNAS) (Network) (Total:2746.22 GB) (Free:861.72 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 119.2 GB) (Disk ID: 749600A5)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=103.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.5 GB) - (Type=17)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: FEB4A2EE)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 29 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Alt 25.01.2016, 16:13   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden - Standard

Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden



Deinstaliere: Avira, Lavasoft Ad-Aware und Spybot. Sind alles Tools die wir nicht empfehlen, schon lange nicht mehr empfehlen und/oder bei der Bereinigung überhaupt keine Rolle spielen gar eher kontraproduktiv sind.

Wenn wir hier durch sind, kannst du ein anderes AV installieren.

Gib bitte Bescheid wenn die Programme deinstalliert sind.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 25.01.2016, 16:29   #23
Bene25
 
Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden - Standard

Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden



Erledigt.

Malwarebytes Anti Malware und CCleaner können bleiben?

Was nun?

Alt 25.01.2016, 19:39   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden - Standard

Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden



MBAM ist kein "echtes" AV. CCleaner hat rein garnix damit zu tun. Es löscht doch nur Temp- und andere unnötige Dateien!


Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 25.01.2016, 20:58   #25
Bene25
 
Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden - Standard

Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden



Alles klar.

Hier die neue Logfile von FRST

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
durchgeführt von benjamka (Administrator) auf BBKLAPTOP (25-01-2016 20:54:14)
Gestartet von C:\Users\benjamka\Downloads
Geladene Profile: benjamka (Verfügbare Profile: benjamka & BBK 64 & Hombre & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\NETGEAR\USB Media Extender\SetQos.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Second Copy 8\SCVSSSvc.exe
() C:\Program Files (x86)\Synology Data Replicator  3\SynoDrServicex64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Intelligent Display Management\TDLPowerCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
() C:\Program Files (x86)\ownCloud\owncloud.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Dropbox, Inc.) C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office 2007\Office12\ONENOTEM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TNROTATE\TNROTATE.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\Sync Utility\TosSyncScheduler.exe
() C:\Program Files (x86)\NETGEAR\USB Media Extender\Control Center.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtAvAC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TDLPowerCtrl] => C:\Program Files\TOSHIBA\TOSHIBA Intelligent Display Management\TDLPowerCtrl.exe [498120 2011-01-24] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-19] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [328048 2011-01-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [967544 2011-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2475384 2011-01-17] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [TNRotate] => C:\Program Files (x86)\TOSHIBA\TNRotate\TNRotate.exe [607688 2010-11-25] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-05] (TOSHIBA)
HKLM-x32\...\Run: [TSUScheduler] => C:\Program Files (x86)\TOSHIBA\Sync Utility\TosSyncScheduler.exe [923000 2010-05-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [Netgear UDS Control Center] => C:\Program Files (x86)\NETGEAR\USB Media Extender\Control Center.exe [22641664 2012-06-25] ()
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217632 2015-07-21] (Geek Software GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Run: [Dropbox Update] => C:\Users\benjamka\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1890830 2015-12-03] ()
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
ShellIconOverlayIdentifiers: [  OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll [2015-01-07] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll [2015-01-07] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll [2015-01-07] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll [2015-01-07] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll [2015-01-07] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2012-02-02]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2015-11-06]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-08-09]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2013-12-29]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\Users\BBK 64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-13]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\benjamka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\benjamka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2012-02-19]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office 2007\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-13]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-13]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-13]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Hombre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-13]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6F3EF3E1-6473-4698-9280-C471DE069571}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{EF8C008F-760B-40DB-AA0D-C662DC07F9EF}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-50433080-710429258-2441499552-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-50433080-710429258-2441499552-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-50433080-710429258-2441499552-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/places?touch=4&cat=1
HKU\S-1-5-21-50433080-710429258-2441499552-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {61A6F76C-F0EE-4F58-A7A4-EA3E809AAAE4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM -> {61A6F76C-F0EE-4F58-A7A4-EA3E809AAAE4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {61A6F76C-F0EE-4F58-A7A4-EA3E809AAAE4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-50433080-710429258-2441499552-1000 -> DefaultScope {61A6F76C-F0EE-4F58-A7A4-EA3E809AAAE4} URL = 
SearchScopes: HKU\S-1-5-21-50433080-710429258-2441499552-1000 -> {29AA9FFF-B981-40A6-8F74-F02CAD29809D} URL = hxxp://rover.ebay.com/rover/1/707-44556-9400-9/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-50433080-710429258-2441499552-1000 -> {61A6F76C-F0EE-4F58-A7A4-EA3E809AAAE4} URL = 
SearchScopes: HKU\S-1-5-21-50433080-710429258-2441499552-1000 -> {895F93D1-22C5-4CCF-8735-43F9FF5FBF91} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibade-win7-ie-search-21&index=blended&linkCode=ur2
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-28] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-28] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2012-11-22] (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05] (<TOSHIBA>)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} 
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\2sdewnmb.Bene
FF NewTab: hxxp://www.bing.com/?pc=COSP&ptag=D011916-AD42D1DB7E9&form=CONMHP&conlogo=CT3334497
FF SelectedSearchEngine: Bing®
FF Homepage: www.google.de
FF Session Restore: -> ist aktiviert.
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_31\bin\new_plugin\npjp2.dll [Keine Datei]
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-04-05] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\104o7vav.default\searchplugins\google-deutschland.xml [2015-09-03]
FF SearchPlugin: C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\104o7vav.default\searchplugins\ixquick-https---deutsch.xml [2015-10-05]
FF SearchPlugin: C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\2sdewnmb.Bene\searchplugins\bing-lavasoft.xml [2016-01-19]
FF Extension: Lavasoft Search Plugin - C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\104o7vav.default\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack [2013-01-15] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\104o7vav.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
FF Extension: BetterPrivacy - C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\104o7vav.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-09-17]
FF Extension: Session Manager - C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\2sdewnmb.Bene\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2016-01-16]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-01-07] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012-12-10] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-08-09] [ist nicht signiert]
FF HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HKU\S-1-5-21-50433080-710429258-2441499552-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NuSetQos; C:\Program Files (x86)\NETGEAR\USB Media Extender\\setqos.exe [718848 2012-06-15] () [Datei ist nicht signiert]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2015-03-03] ()
R2 SCVSSService; C:\Program Files (x86)\Second Copy 8\SCVSSSvc.exe [968448 2010-04-13] ()
R2 SynoDrService; C:\Program Files (x86)\Synology Data Replicator  3\SynoDrServicex64.exe [384072 2013-10-09] ()
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2013-11-08] (AVM Berlin)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-01-15] (GFI Software)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 NetgearUDSMBus; C:\Windows\SysWow64\Drivers\NetgearUDSMBus.sys [106632 2012-06-15] (Windows (R) Codename Longhorn DDK provider)
R3 NetgearUDSTcpBus; C:\Windows\SysWow64\Drivers\NetgearUDSTcpBus.sys [182920 2012-06-15] (Windows (R) Codename Longhorn DDK provider)
S3 PcaSp50; C:\Windows\System32\Drivers\PcaSp50.sys [45624 2009-08-24] (Printing Communications Assoc., Inc. (PCAUSA))
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [195416 2015-10-08] (IDRIX)
S1 SBRE; \??\C:\windows\system32\drivers\SBREdrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-25 16:27 - 2016-01-25 16:27 - 00000000 ____H C:\ProgramData\cm-lock
2016-01-25 16:26 - 2016-01-25 16:26 - 00000085 _____ C:\windows\wininit.ini
2016-01-25 14:08 - 2016-01-25 16:06 - 00000000 ____D C:\Logsinf
2016-01-22 14:08 - 2016-01-25 20:54 - 00033379 _____ C:\Users\benjamka\Downloads\FRST.txt
2016-01-22 14:08 - 2016-01-22 14:08 - 02370560 _____ (Farbar) C:\Users\benjamka\Downloads\FRST64.exe
2016-01-20 14:08 - 2016-01-20 14:08 - 00003273 _____ C:\Users\benjamka\AppData\Local\recently-used.xbel
2016-01-19 21:03 - 2016-01-19 21:03 - 00000000 ____D C:\searchplugins
2016-01-19 21:02 - 2016-01-20 09:21 - 00002896 _____ C:\windows\SysWOW64\LavasoftTcpServiceOff.ini
2016-01-19 21:02 - 2016-01-20 09:21 - 00002896 _____ C:\windows\system32\LavasoftTcpServiceOff.ini
2016-01-19 21:02 - 2016-01-19 21:02 - 00425744 _____ (Lavasoft Limited) C:\windows\system32\LavasoftTcpService64.dll
2016-01-19 21:02 - 2016-01-19 21:02 - 00345360 _____ (Lavasoft Limited) C:\windows\SysWOW64\LavasoftTcpService.dll
2016-01-19 21:02 - 2016-01-19 21:02 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\MPC-HC
2016-01-19 21:01 - 2016-01-19 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-01-19 21:01 - 2016-01-19 21:01 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2016-01-19 21:01 - 2015-12-18 11:00 - 00755200 _____ C:\windows\system32\xvidcore.dll
2016-01-19 21:01 - 2015-12-18 11:00 - 00674816 _____ C:\windows\SysWOW64\xvidcore.dll
2016-01-19 21:01 - 2015-12-18 11:00 - 00309248 _____ C:\windows\system32\xvidvfw.dll
2016-01-19 21:01 - 2015-12-18 11:00 - 00282112 _____ C:\windows\SysWOW64\xvidvfw.dll
2016-01-19 21:01 - 2015-10-24 18:00 - 00126976 _____ C:\windows\system32\ff_vfw.dll
2016-01-19 21:01 - 2015-10-24 18:00 - 00112128 _____ C:\windows\SysWOW64\ff_vfw.dll
2016-01-19 21:01 - 2015-02-28 17:22 - 03571200 _____ (x264vfw project) C:\windows\system32\x264vfw64.dll
2016-01-19 21:01 - 2015-02-28 17:21 - 03591680 _____ (x264vfw project) C:\windows\SysWOW64\x264vfw.dll
2016-01-19 21:01 - 2012-07-21 12:55 - 00180736 _____ (fccHandler) C:\windows\system32\ac3acm.acm
2016-01-19 21:01 - 2012-07-21 12:54 - 00122880 _____ (fccHandler) C:\windows\SysWOW64\ac3acm.acm
2016-01-19 21:01 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\windows\system32\lagarith.dll
2016-01-19 21:01 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\windows\SysWOW64\lagarith.dll
2016-01-19 20:57 - 2016-01-19 20:57 - 42013590 _____ ( ) C:\Users\benjamka\Downloads\K-Lite_Codec_Pack_1180_Mega.exe
2016-01-19 03:01 - 2016-01-19 03:01 - 00000000 ____D C:\Users\benjamka\AppData\Local\NokiaAccount
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p23].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p22].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p21].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p20].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p19].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p18].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p17].bmp
2016-01-16 19:14 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p16].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p15].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p14].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p13].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p12].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p11].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p10].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p09].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p08].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p07].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p06].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p05].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p04].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p03].bmp
2016-01-16 19:13 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p02].bmp
2016-01-14 13:28 - 2016-01-14 13:52 - 00000000 ____D C:\Users\benjamka\Documents\MyScans
2016-01-14 13:26 - 2016-01-14 13:29 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\Foxit Scanner Images
2016-01-13 09:42 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-01-13 09:42 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2016-01-13 09:42 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVENCOD.DLL
2016-01-13 09:42 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
2016-01-13 09:42 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOE.DLL
2016-01-13 09:42 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpmde.dll
2016-01-13 09:42 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 09:42 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
2016-01-13 09:42 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2016-01-13 09:42 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2adec.dll
2016-01-13 09:42 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-13 09:42 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2016-01-13 09:42 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\windows\SysWOW64\COLORCNV.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\windows\system32\WMVENCOD.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\windows\system32\WMADMOE.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\windows\system32\mcmde.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\COLORCNV.DLL
2016-01-13 09:42 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2016-01-13 09:42 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2016-01-13 09:42 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
2016-01-13 09:42 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
2016-01-13 09:42 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
2016-01-13 09:42 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\fixmapi.exe
2016-01-13 09:41 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-01-13 09:41 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-01-13 09:41 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-01-13 09:41 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-01-13 09:41 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-01-13 09:41 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-01-13 09:41 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-01-13 09:41 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-01-13 09:41 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-01-13 09:41 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-01-13 09:41 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-01-13 09:41 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-01-13 09:41 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-01-13 09:41 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-01-13 09:41 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-01-13 09:41 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-01-13 09:41 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-01-13 09:41 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-01-13 09:41 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-01-13 09:41 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-01-13 09:41 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-01-13 09:41 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-01-13 09:41 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-01-13 09:41 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-01-13 09:41 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-01-13 09:41 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-01-13 09:41 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-01-13 09:41 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-01-13 09:41 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-01-13 09:41 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-01-13 09:41 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-01-13 09:41 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-01-13 09:41 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-01-13 09:41 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-01-13 09:41 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-01-13 09:41 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-01-13 09:41 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-01-13 09:41 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-01-13 09:41 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-01-13 09:41 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-01-13 09:41 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-01-13 09:41 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-01-13 09:41 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-01-13 09:41 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-01-13 09:41 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-01-13 09:41 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-01-13 09:41 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-01-13 09:41 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-13 09:41 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-01-13 09:41 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-01-13 09:41 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-01-13 09:41 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-01-13 09:41 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-01-13 09:41 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-01-13 09:41 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-01-13 09:41 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-01-13 09:41 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-01-13 09:41 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-01-13 09:41 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-01-13 09:41 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-01-13 09:41 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-01-13 09:41 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-01-13 09:41 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-01-13 09:41 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-01-13 09:41 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2016-01-13 09:41 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 09:41 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVXENCD.DLL
2016-01-13 09:41 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSENCD.DLL
2016-01-13 09:41 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\VIDRESZR.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP4SDECD.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MPG4DECD.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP43DECD.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\qasf.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
2016-01-13 09:41 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP3DMOD.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\devenum.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfvdsp.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2016-01-13 09:41 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2016-01-13 09:41 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksuser.dll
2016-01-13 09:41 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOE.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\windows\system32\WMVXENCD.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\MFWMAAEC.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\WMVSENCD.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\SysFxUI.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\windows\system32\VIDRESZR.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\RESAMPLEDMO.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\windows\system32\MPG4DECD.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\windows\system32\MP43DECD.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\MP3DMOD.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\mfvdsp.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2016-01-13 09:41 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\ksuser.dll
2016-01-13 09:41 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2016-01-13 09:41 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2016-01-13 09:41 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2016-01-13 09:41 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2016-01-13 09:41 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2016-01-13 09:41 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys
2016-01-13 09:41 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-01-13 09:40 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-01-13 09:40 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-01-13 09:40 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-01-13 09:40 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-01-13 09:40 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-01-13 09:40 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-01-13 09:40 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-01-13 09:40 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-01-13 09:40 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-01-13 09:40 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-01-13 09:40 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-01-13 09:40 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-01-13 09:40 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-01-13 09:40 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-01-13 09:40 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-01-13 09:40 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-01-13 09:40 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-01-13 09:40 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-01-13 09:40 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-01-13 09:40 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-01-13 09:40 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-01-13 09:40 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-01-13 09:40 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-01-13 09:40 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-01-13 09:40 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-01-13 09:40 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-01-13 09:40 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-01-13 09:40 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-01-13 09:40 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-01-13 09:40 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-01-13 09:40 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-01-13 09:40 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-01-13 09:40 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-01-13 09:40 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-01-13 09:40 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-01-13 09:40 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-01-13 09:40 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-01-13 09:40 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-01-13 09:40 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-01-13 09:40 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-01-13 09:40 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-01-13 09:40 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-01-13 09:40 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-01-13 09:40 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-01-13 09:40 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-01-13 09:40 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-13 09:40 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-01-13 09:40 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-01-13 09:40 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-01-13 09:40 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-01-13 09:40 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-01-13 09:40 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-01-13 09:40 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-01-13 09:40 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-01-13 09:40 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-01-13 09:40 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-01-13 09:40 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-01-12 16:49 - 2016-01-19 21:02 - 00000000 ____D C:\Users\benjamka\AppData\Local\CrashDumps
2016-01-12 04:13 - 2016-01-12 04:13 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\JAM Software
2016-01-12 04:13 - 2016-01-12 04:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2016-01-12 04:13 - 2016-01-12 04:13 - 00000000 ____D C:\Program Files (x86)\JAM Software
2016-01-09 23:19 - 2016-01-09 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2016-01-09 23:16 - 2016-01-10 02:24 - 00000000 ____D C:\xampp
2016-01-09 23:04 - 2016-01-11 02:37 - 00000106 _____ C:\Users\benjamka\Documents\urls.txt
2016-01-09 01:20 - 2016-01-09 01:20 - 00273025 _____ C:\Users\benjamka\Documents\Logo2.xcf
2016-01-08 22:22 - 2016-01-08 22:22 - 00003971 _____ C:\Users\benjamka\Documents\wp-config.php
2016-01-07 11:04 - 2016-01-09 23:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-02 12:05 - 2016-01-02 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-27 20:21 - 2009-06-10 22:00 - 00000824 _____ C:\windows\system32\Drivers\etc\hosts.20151227-202141.backup
2015-12-26 02:35 - 2016-01-09 23:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-25 20:54 - 2015-11-13 22:40 - 00000000 ____D C:\FRST
2016-01-25 20:52 - 2012-09-11 19:44 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-25 20:52 - 2009-07-14 05:45 - 00025120 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-25 20:52 - 2009-07-14 05:45 - 00025120 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-25 20:50 - 2012-07-30 17:58 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-01-25 20:47 - 2015-06-16 11:48 - 00001236 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-50433080-710429258-2441499552-1000UA.job
2016-01-25 16:31 - 2015-12-09 19:11 - 00005688 _____ C:\Users\benjamka\Documents\Spamtexts.txt
2016-01-25 16:31 - 2011-02-11 09:21 - 00699682 _____ C:\windows\system32\perfh007.dat
2016-01-25 16:31 - 2011-02-11 09:21 - 00149790 _____ C:\windows\system32\perfc007.dat
2016-01-25 16:31 - 2009-07-14 06:13 - 01620684 _____ C:\windows\system32\PerfStringBackup.INI
2016-01-25 16:31 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2016-01-25 16:27 - 2015-11-14 01:09 - 00000000 ____D C:\Users\benjamka\AppData\Local\ownCloud
2016-01-25 16:27 - 2014-10-30 14:04 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-01-25 16:27 - 2012-09-11 19:44 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-25 16:27 - 2012-05-20 20:58 - 00000000 ___RD C:\Users\benjamka\Dropbox
2016-01-25 16:27 - 2012-05-20 20:56 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\Dropbox
2016-01-25 16:27 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-01-25 16:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-25 16:23 - 2013-08-05 23:35 - 00000000 ____D C:\Program Files (x86)\Avira
2016-01-25 16:22 - 2013-08-05 23:35 - 00000000 ____D C:\ProgramData\Avira
2016-01-25 14:10 - 2015-06-16 11:48 - 00001184 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-50433080-710429258-2441499552-1000Core.job
2016-01-25 14:03 - 2014-08-09 16:15 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-25 02:00 - 2014-08-28 22:26 - 00000000 ____D C:\Users\benjamka\AppData\Local\Adobe
2016-01-24 23:03 - 2012-01-24 21:09 - 00000000 ___RD C:\Users\benjamka
2016-01-24 19:00 - 2015-12-11 16:43 - 00000000 ____D C:\Users\benjamka\Documents\Golem
2016-01-24 15:33 - 2015-06-04 22:27 - 00000000 ____D C:\Users\benjamka\.gimp-2.8
2016-01-24 08:24 - 2012-01-25 21:14 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\foobar2000
2016-01-23 15:32 - 2009-07-14 06:08 - 00032640 _____ C:\windows\Tasks\SCHEDLGU.TXT
2016-01-22 14:17 - 2015-08-17 23:07 - 00000000 ____D C:\Users\benjamka\Documents\Schrift-Feld
2016-01-22 13:34 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF
2016-01-20 14:22 - 2012-02-01 20:13 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2016-01-20 14:08 - 2015-06-25 11:24 - 00000000 ____D C:\Users\benjamka\AppData\Local\gtk-2.0
2016-01-19 21:02 - 2012-02-02 03:58 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\vlc
2016-01-19 20:50 - 2012-07-30 17:58 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-01-19 20:50 - 2012-03-31 08:40 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-01-19 20:50 - 2012-01-25 10:23 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-19 10:58 - 2012-01-24 21:15 - 00110376 _____ C:\Users\benjamka\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-19 10:56 - 2009-07-14 05:45 - 00501824 _____ C:\windows\system32\FNTCACHE.DAT
2016-01-19 03:14 - 2011-05-15 18:27 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-19 03:01 - 2015-10-13 21:56 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\Nokia Suite
2016-01-19 03:01 - 2015-10-13 21:56 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\Nokia
2016-01-19 03:01 - 2015-10-13 21:18 - 00000000 ____D C:\ProgramData\Nokia
2016-01-19 03:01 - 2015-10-13 21:17 - 00000000 ____D C:\Program Files (x86)\Nokia
2016-01-16 19:28 - 2013-01-22 19:33 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\FileZilla
2016-01-14 17:47 - 2009-07-14 04:20 - 00000000 ____D C:\windows\rescache
2016-01-14 16:09 - 2014-08-14 18:33 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-14 14:08 - 2013-11-22 16:55 - 00000000 ____D C:\Users\benjamka\Documents\Business
2016-01-14 13:19 - 2011-05-15 18:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-01-14 13:18 - 2011-05-15 18:27 - 00000000 ____D C:\ProgramData\Adobe
2016-01-14 13:09 - 2015-11-24 19:27 - 00000000 ___RD C:\Users\benjamka\Documents\Scanned Documents
2016-01-14 11:36 - 2013-03-14 17:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 11:36 - 2013-03-14 17:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 23:30 - 2013-03-14 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 23:30 - 2012-01-25 17:12 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-13 23:16 - 2014-02-14 20:24 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\MyPhoneExplorer
2016-01-13 12:19 - 2015-04-16 18:24 - 00000000 ____D C:\windows\system32\appraiser
2016-01-13 12:19 - 2014-05-06 21:40 - 00000000 ___SD C:\windows\system32\CompatTel
2016-01-13 01:40 - 2015-09-14 20:59 - 00000000 ____D C:\Users\benjamka\Documents\Eigene Scans
2016-01-09 23:08 - 2012-05-12 13:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-08 16:00 - 2014-04-26 14:03 - 00001962 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2016-01-08 16:00 - 2013-01-22 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-01-08 16:00 - 2013-01-22 19:33 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2016-01-05 05:06 - 2012-02-21 22:26 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\Skype
2016-01-03 15:20 - 2015-08-09 13:43 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\HpUpdate
2016-01-02 12:06 - 2011-05-15 18:55 - 00000000 ____D C:\ProgramData\Skype
2016-01-02 12:05 - 2014-03-19 23:14 - 00000000 ____D C:\Users\benjamka\AppData\Local\Skype
2016-01-02 12:05 - 2011-05-15 18:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-27 19:32 - 2013-08-22 20:55 - 00000000 ____D C:\Program Files (x86)\Steam

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-20 14:08 - 2016-01-20 14:08 - 0003273 _____ () C:\Users\benjamka\AppData\Local\recently-used.xbel
2014-02-09 21:36 - 2015-11-08 13:29 - 0007627 _____ () C:\Users\benjamka\AppData\Local\Resmon.ResmonCfg
2016-01-16 19:13 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p02].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p03].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p04].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p05].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p06].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p07].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p08].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p09].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p10].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p11].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p12].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p13].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p14].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p15].bmp
2016-01-16 19:14 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p16].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p17].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p18].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p19].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p20].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p21].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p22].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p23].bmp
2012-12-26 00:20 - 2013-11-22 16:33 - 0000040 ___SH () C:\ProgramData\.zreglib
2016-01-25 16:27 - 2016-01-25 16:27 - 0000000 ____H () C:\ProgramData\cm-lock
2012-02-21 22:28 - 2012-02-21 22:28 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2015-08-03 19:02 - 2015-08-09 14:19 - 0034260 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\BBK 64\AppData\Local\Temp\avgnt.exe
C:\Users\benjamka\AppData\Local\Temp\avgnt.exe
C:\Users\Gast\AppData\Local\Temp\AskSLib.dll
C:\Users\Gast\AppData\Local\Temp\avgnt.exe
C:\Users\Hombre\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-19 13:14

==================== Ende von FRST.txt ============================
         

Alt 25.01.2016, 20:59   #26
Bene25
 
Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden - Standard

Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden



...und die Addition.txt:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-01-2016
durchgeführt von benjamka (2016-01-25 20:54:57)
Gestartet von C:\Users\benjamka\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-01-24 20:09:27)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-50433080-710429258-2441499552-500 - Administrator - Disabled)
BBK 64 (S-1-5-21-50433080-710429258-2441499552-1004 - Administrator - Enabled) => C:\Users\BBK 64
benjamka (S-1-5-21-50433080-710429258-2441499552-1000 - Administrator - Enabled) => C:\Users\benjamka
Gast (S-1-5-21-50433080-710429258-2441499552-501 - Limited - Enabled) => C:\Users\Gast
Hombre (S-1-5-21-50433080-710429258-2441499552-1005 - Limited - Enabled) => C:\Users\Hombre
HomeGroupUser$ (S-1-5-21-50433080-710429258-2441499552-1007 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4500_G510nz_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.3.13070 - Adobe Systems Inc.)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Illustrator CS (HKLM-x32\...\{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}) (Version: 11 - Adobe Systems, Inc.)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.106.303.203 - ALPS ELECTRIC CO., LTD.)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aptana Studio 3 (HKLM-x32\...\Aptana Studio 3) (Version: 3.0.0 - Appcelerator, Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.00.007 - Atheros Communications)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v8.00.06(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version:  - )
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version:  - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.12.51.2 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.12.2.1 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.4.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.12.2.0 - Canon Inc.)
CBL Daten-Shredder (HKLM-x32\...\{560E96B3-356D-4572-9FE3-B44F9AB92622}) (Version: 1.0.0 - CBL Datenrettung GmbH)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Counter-Strike: Source (HKLM-x32\...\{9580813D-94B1-4C28-9426-A441E2BB29A5}) (Version: 1.0.0.0 - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.3.20130522 - Landesfinanzdirektion Thüringen)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
File Scavenger 4.3 (en) (HKLM-x32\...\QueTek File Scavenger 4.3 (en)) (Version: 4.3.2.0 - QueTek Consulting Corporation)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
foobar2000 v1.1.10 (HKLM-x32\...\foobar2000) (Version: 1.1.10 - Peter Pawlowski)
FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\2db37667170956ee) (Version: 2.3.2.0 - AVM Berlin)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GetDataBack for FAT (HKLM-x32\...\{2EEEC858-21F8-419B-8FE2-820621BFFCD7}) (Version: 4.33.000 - Runtime Software)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.33.000 - Runtime Software)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM-x32\...\{4BA6784F-3B10-473A-B9F5-33A36AC354D5}) (Version: 3.0.14358 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.05) (Version: 9.05 - Artifex Software Inc.)
GrampsAIO64 (HKLM-x32\...\GrampsAIO64 4.1.2) (Version: 4.1.2 - The GRAMPS project)
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Macromedia Extension Manager (HKLM-x32\...\{0F022A2E-7022-497D-90A5-0F46746D8275}) (Version: 1.7.270 - Ihr Firmenname)
Macromedia Flash 8 (HKLM-x32\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Macromedia Flash Player 8 (HKLM-x32\...\{885A63EA-382B-4DD4-A755-14809B8557D6}) (Version: 8.0.22.0 - Macromedia)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 de) (HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.6.11500.16.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.2.10400.5.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.2.13300.36.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{0FF68F26-416C-4954-ACA5-6AD5F9DE99C1}) (Version: 10.5.14800 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.2.10800.9.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10300.25.0 - Nero AG)
NETGEAR Powerline Utility (HKLM-x32\...\InstallShield_{2753B568-6F85-4E31-A114-A7F8D8606DDD}) (Version: 3.1.0.3 - NETGEAR Powerline)
NETGEAR Powerline Utility (x32 Version: 3.1.0.3 - NETGEAR Powerline) Hidden
NETGEAR USB Media Extender  (HKLM-x32\...\{402E9ECB-92CE-49EE-8ABC-ECE73D009ED8}) (Version: 1.31 - NETGEAR)
Network64 (Version: 130.0.550.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Open Sea Map - Data Logger - Logs data from ship's data networks (HKLM-x32\...\Open Sea Map Data Logger) (Version: "1.0.0" - "Open Sea Map")
ownCloud (HKLM-x32\...\ownCloud) (Version: 2.1.0.5683 - ownCloud)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect (HKLM-x32\...\{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}) (Version: 1.0.41.8362 - pdfforge)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.3.0 - Prolific Technology INC)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PRE12 STI 64Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6293 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.1 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.1 - Renesas Electronics Corporation) Hidden
RICOH Media Driver v2.13.17.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.13.17.01 - RICOH)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steam(TM) (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Synology Cloud Station (HKLM-x32\...\{102406C7-6BD4-47AA-A858-A54C7002E32E}) (Version: 3.1.3320 - Synology)
Synology Data Replicator  3 (HKLM-x32\...\{8E310838-457C-4269-B177-3EFB300CBDDC}) (Version: 1.0.0.0 - Synology Inc.)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.16642 - TeamViewer)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TOSHIBA 180 Degrees Rotation Utility (HKLM-x32\...\{FEDFB4DC-E149-4897-B616-4811C718E54F}) (Version: 1.4.0 - TOSHIBA Corporation)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{43DBC64B-3DD1-47E2-8788-D3C3B110C574}) (Version: 2.1.10.64 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM-x32\...\{38C52F7D-A6CB-4CE7-A189-8AABE8774D8A}) (Version: 8.0.38 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.9 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{6FF9A012-0254-41E9-81E2-F538C4B53611}) (Version: 1.3.2.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.8.64 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.8 - TOSHIBA Corporation)
TOSHIBA Intelligent Display Management (HKLM\...\{636E2BA9-126F-493D-A033-343C145AAD87}) (Version: 1.0.3.0 - TOSHIBA Corporation)
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.02 - TOSHIBA)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.86.2 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.6.1 - TOSHIBA CORPORATION)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 4.00.0008 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.7.64 - TOSHIBA Corporation)
TOSHIBA Places Icon Utility (HKLM-x32\...\{461F6F0D-7173-4902-9604-AB1A29108AF2}) (Version: 1.1.1.4 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.5109 - TOSHIBA CORPORATION)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.18.64 - TOSHIBA Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.0 - TOSHIBA Corporation)
TOSHIBA Security Assist (HKLM-x32\...\{1E63ACB5-D45E-4856-8FC9-78F4B0D7BB80}) (Version: 2.0.9 - TOSHIBA)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.52 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.7 - TOSHIBA Corporation)
TOSHIBA Sync Utility (HKLM-x32\...\{CCF62642-ECB1-4D2B-80C0-3FD3286AEAED}) (Version: 2.0.3060 - TOSHIBA Corporation)
TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.5.10.64 - TOSHIBA Corporation)
TOSHIBA VIDEO PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 4.00.4.60-A - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 1.1.7.1 - TOSHIBA Corporation)
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{5BA99779-6E12-49EF-BE49-F35B1EDB4DF9}) (Version: 1.0.4 - TOSHIBA CORPORATION)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 beta 12 - Ghisler Software GmbH)
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.16 - IDRIX)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.15-1 - Bitnami)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\InprocServer32 -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll (Toshiba Corporation)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-50433080-710429258-2441499552-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {011F99F6-D4FE-4507-BF04-0C1ECE08CFB6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {2DB0196A-A783-4BC7-B53F-99E000A2922E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {3BC1310F-6262-42B9-AB22-8764714495F3} - \Lyrics Seeker Update -> Keine Datei <==== ACHTUNG
Task: {533CC4DB-ED83-4A01-86D2-45C2C6C5B463} - System32\Tasks\AdobeAAMUpdater-1.0-BBKLAPTOP-benjamka => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {5DC2A5C6-291E-431E-A4BA-0D992EDAC946} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-50433080-710429258-2441499552-1000UA => C:\Users\benjamka\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {5F67D011-55AA-45C2-A392-FCF737176BF3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.)
Task: {612FDC98-97F1-4126-AFA2-2AA3D1E9A694} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-50433080-710429258-2441499552-1000Core => C:\Users\benjamka\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {667B4007-3460-4B4D-AF2C-0C5FB1448F21} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated)
Task: {806B77B1-FDCD-4237-AFD5-B41275BFFB69} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {81195C19-3472-43E1-9EF1-E3BD96BE36FE} - System32\Tasks\{008D639C-C03A-41C9-BEF9-9FAEFC132657} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {BB590BE5-9A30-423B-B339-6D03DAC80375} - System32\Tasks\Microsoft\Windows\Setup\xtgt\refreshxtgtconfig => C:\Windows\system32\XTgt\XTgtMgr.exe [2015-10-05] (Microsoft Corporation)
Task: {C12F51AA-FD5C-4DC2-B4DD-BB5F0C966510} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {D9209408-5882-4E3F-B395-A413AC2F0E07} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.)
Task: {DC404808-131E-4D79-A6F9-5E68B8D971CC} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-12-03] (TOSHIBA CORPORATION)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {FC21203B-2B24-4388-9208-6B84BBA593A5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-50433080-710429258-2441499552-1000Core.job => C:\Users\benjamka\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-50433080-710429258-2441499552-1000UA.job => C:\Users\benjamka\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-01-21 20:45 - 2012-11-28 18:50 - 00019880 _____ () C:\windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2012-06-15 11:31 - 2012-06-15 11:31 - 00718848 _____ () C:\Program Files (x86)\NETGEAR\USB Media Extender\setqos.exe
2015-03-03 00:53 - 2015-03-03 00:57 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2013-05-15 20:33 - 2010-04-13 15:40 - 00968448 _____ () C:\Program Files (x86)\Second Copy 8\SCVSSSvc.exe
2013-10-09 10:52 - 2013-10-09 10:52 - 00384072 _____ () C:\Program Files (x86)\Synology Data Replicator  3\SynoDrServicex64.exe
2011-04-07 21:59 - 2011-04-07 21:59 - 00592312 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2015-06-19 02:31 - 2015-06-19 02:31 - 00059392 _____ () C:\Program Files (x86)\ownCloud\shellext\OCUtil_x64.dll
2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-11-19 01:18 - 2010-11-19 01:18 - 11190784 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2011-03-03 22:21 - 2011-03-03 22:21 - 03420584 _____ () C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll
2015-12-03 10:27 - 2015-12-03 10:27 - 01890830 _____ () C:\Program Files (x86)\ownCloud\owncloud.exe
2013-12-29 23:05 - 2013-10-03 10:42 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2012-06-25 10:19 - 2012-06-25 10:19 - 22641664 _____ () C:\Program Files (x86)\NETGEAR\USB Media Extender\Control Center.exe
2014-12-12 23:24 - 2014-12-12 23:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2010-12-08 23:42 - 2010-12-08 23:42 - 00079264 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-12-03 10:27 - 2015-12-03 10:27 - 00681998 _____ () C:\Program Files (x86)\ownCloud\libocsync.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00097326 _____ () C:\Program Files (x86)\ownCloud\libgcc_s_sjlj-1.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00922727 _____ () C:\Program Files (x86)\ownCloud\libstdc++-6.dll
2015-12-03 10:27 - 2015-12-03 10:27 - 01022478 _____ () C:\Program Files (x86)\ownCloud\libowncloudsync.dll
2015-08-06 08:10 - 2015-08-06 08:10 - 00085548 _____ () C:\Program Files (x86)\ownCloud\zlib1.dll
2015-08-06 16:48 - 2015-08-06 16:48 - 00051095 _____ () C:\Program Files (x86)\ownCloud\libqt5keychain.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 02197765 _____ () C:\Program Files (x86)\ownCloud\icui18n53.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 01308778 _____ () C:\Program Files (x86)\ownCloud\icuuc53.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 21539975 _____ () C:\Program Files (x86)\ownCloud\icudata53.dll
2015-08-06 08:11 - 2015-08-06 08:11 - 00148117 _____ () C:\Program Files (x86)\ownCloud\libpcre16-0.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 01366986 _____ () C:\Program Files (x86)\ownCloud\libGLESv2.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00209711 _____ () C:\Program Files (x86)\ownCloud\libpng16-16.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 00154982 _____ () C:\Program Files (x86)\ownCloud\libEGL.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00350662 _____ () C:\Program Files (x86)\ownCloud\libjpeg-8.dll
2015-08-06 08:17 - 2015-08-06 08:17 - 00689339 _____ () C:\Program Files (x86)\ownCloud\libsqlite3-0.dll
2015-08-06 10:35 - 2015-08-06 10:35 - 00247540 _____ () C:\Program Files (x86)\ownCloud\libwebp-4.dll
2015-08-06 08:26 - 2015-08-06 08:26 - 01169416 _____ () C:\Program Files (x86)\ownCloud\libxml2-2.dll
2015-08-06 10:38 - 2015-08-06 10:38 - 00231727 _____ () C:\Program Files (x86)\ownCloud\libxslt-1.dll
2013-12-29 23:05 - 2013-10-03 10:42 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2015-12-11 14:11 - 2015-10-31 01:59 - 00034768 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00022848 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00023352 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00042296 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-11 14:11 - 2015-10-31 01:59 - 00116688 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-11 14:11 - 2015-10-31 01:59 - 00093640 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-11 14:11 - 2015-10-31 01:59 - 00018376 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00019760 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00105928 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-11 14:11 - 2015-10-31 01:59 - 00392144 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-11 14:11 - 2015-12-08 22:36 - 00381752 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-11 14:11 - 2015-10-31 01:59 - 00692688 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00020816 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00109520 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 01737032 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00020808 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00020800 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00021840 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00038696 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00024528 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00020936 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00114640 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00021320 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00124880 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00030160 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00043472 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00175560 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00028616 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00048592 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00024392 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00036296 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-11 14:11 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00117056 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00023376 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-11 14:11 - 2015-10-31 01:59 - 00134608 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-11 14:11 - 2015-10-31 01:59 - 00134088 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00240584 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00020280 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00052024 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00021304 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00350152 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00084792 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-11 14:11 - 2015-12-08 22:36 - 01826608 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-11 14:11 - 2015-10-31 02:00 - 00083912 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 03891504 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 01950000 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00519984 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00133936 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00225080 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00207672 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00024904 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00486704 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-11 14:11 - 2015-12-08 22:36 - 00357680 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 22:45 - 2015-10-31 02:01 - 00019920 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00786904 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 23:59 - 2015-10-31 02:00 - 00063448 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 22:45 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\benjamka\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-06-21 13:14 - 2015-07-21 10:43 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll
2014-06-21 13:14 - 2015-07-21 10:43 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll
2015-12-26 02:35 - 2016-01-09 19:59 - 00153032 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-12-26 02:35 - 2016-01-09 19:59 - 00022472 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7867 mehr Seiten.

IE trusted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7867 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-50433080-710429258-2441499552-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\benjamka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Toshiba Places Icon Utility.lnk => C:\windows\pss\Toshiba Places Icon Utility.lnk.CommonStartup
MSCONFIG\startupreg: Ad-Aware Antivirus => "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
MSCONFIG\startupreg: Toshiba Registration => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
MSCONFIG\startupreg: Toshiba TEMPRO => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
MSCONFIG\startupreg: TosReelTimeMonitor => %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
MSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{18F9B4CF-3355-4DFE-9A11-D544039302FF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0AEE0B96-C74A-41C4-B0D7-52425B60CC47}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7E4BAF6A-B2BF-4C1C-A432-BA8825ADEF25}] => (Allow) LPort=2869
FirewallRules: [{F6200A9A-D8DC-4617-9C3B-2631DDDE95DB}] => (Allow) LPort=1900
FirewallRules: [{43FC74DA-1CCE-4F15-913D-635F2B84115E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A5482107-A5A1-4B1E-A0BF-D0D5E728C283}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{50CA9607-1D43-411F-A483-16BD03B2902B}] => (Allow) C:\Program Files (x86)\Microsoft Office 2007\Office12\GROOVE.EXE
FirewallRules: [{750BDA4C-701B-4E79-92F2-56F29D3AFCF7}] => (Allow) C:\Program Files (x86)\Microsoft Office 2007\Office12\GROOVE.EXE
FirewallRules: [{872C8B78-429A-444A-BA1E-8AA79F340C81}] => (Allow) C:\Program Files (x86)\Microsoft Office 2007\Office12\ONENOTE.EXE
FirewallRules: [{3B34C576-1E96-4C9B-8830-1FAF738001D8}] => (Allow) C:\Program Files (x86)\Microsoft Office 2007\Office12\ONENOTE.EXE
FirewallRules: [TCP Query User{290FD82D-744F-4563-BB4D-566EAF8A35DA}C:\program files (x86)\microsoft office 2007\office12\groove.exe] => (Block) C:\program files (x86)\microsoft office 2007\office12\groove.exe
FirewallRules: [UDP Query User{009B87DA-B380-4B5E-8E95-AA6D96F66C91}C:\program files (x86)\microsoft office 2007\office12\groove.exe] => (Block) C:\program files (x86)\microsoft office 2007\office12\groove.exe
FirewallRules: [{6ECD5366-F230-4D9A-8475-B19A133B0997}] => (Allow) D:\fsetup.exe
FirewallRules: [{A6B0C297-39D7-4AE5-8F73-72D7152A034E}] => (Allow) D:\fsetup.exe
FirewallRules: [TCP Query User{0808B48E-0F94-4355-81D5-C327815353C0}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{7BCEEF7D-9774-4A50-8D57-7884CEA9FEFF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{C57FF549-1292-430A-AA52-E86DB915416D}] => (Allow) C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C0715ED8-A10D-4CAF-ADB5-8873988C001E}] => (Allow) C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D40F8F1B-E8EA-4AB7-A73F-A2714B71F44A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{1794BA9E-C5FB-46A5-8BA6-61E092ABD086}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9059B235-D15D-44F1-BBFA-9E8464658AD2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{459AEDE0-A773-49A6-AA3A-1CA18CFCD9F2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D4EE5496-ED1E-4AE2-9769-FD54D3F59260}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EFA2E455-9780-4321-AA57-2DB9076619CD}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{CCDA79A0-1B87-4DFF-8FF1-75046488DAAF}C:\users\benjamka\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\benjamka\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{74CC3B9D-9D4C-4F71-B8BB-C3EDB7D9258C}C:\users\benjamka\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\benjamka\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{2893CA94-B315-4C4B-905C-6763A8268B26}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{EADBD15E-1BD8-48A6-BC05-BAB4C0E09FC4}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{2CCFD4B7-9196-4106-8EC0-BF94EF15EBEC}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{12D95F95-5719-46CB-AADA-A4C6AFA5DDA7}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{C5F8245F-2D8D-4E79-817A-A771DB1A0293}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{D264E3A8-828E-4490-91D0-A80340AA544D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{9A9DD54F-0EBD-4DF4-A6F8-755DCDAA8C1F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{047E83B1-8FFD-4EB6-880A-B39D73DD215A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [TCP Query User{C21B43D8-3ABE-4D6D-A569-130CCE4049C0}C:\program files (x86)\aptana s3\aptanastudio3.exe] => (Block) C:\program files (x86)\aptana s3\aptanastudio3.exe
FirewallRules: [UDP Query User{E3C65BF3-1B18-49C7-B585-A72D5360EE61}C:\program files (x86)\aptana s3\aptanastudio3.exe] => (Block) C:\program files (x86)\aptana s3\aptanastudio3.exe
FirewallRules: [{E7758F1E-63EC-45FD-9B85-2415BB68CC52}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B10DFC3C-0C9B-4D4C-803F-2BB6C0D22966}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{956CEC33-57A0-4ED1-9491-06EE748AE28F}] => (Allow) C:\Users\benjamka\AppData\Local\Apps\2.0\422DB9VB.QPA\KCW72ZC9.DW9\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [{90692234-AB12-4938-BB19-B05AD3C4398D}] => (Allow) C:\Users\benjamka\AppData\Local\Apps\2.0\422DB9VB.QPA\KCW72ZC9.DW9\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [{653789C9-2244-4292-B8D5-ECCC7F39ED2C}] => (Allow) C:\Users\benjamka\AppData\Local\Apps\2.0\422DB9VB.QPA\KCW72ZC9.DW9\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [{8A8A586E-BBFD-49C2-921B-70552DBA4505}] => (Allow) C:\Users\benjamka\AppData\Local\Apps\2.0\422DB9VB.QPA\KCW72ZC9.DW9\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\fritzbox-usb-fernanschluss.exe
FirewallRules: [TCP Query User{7D2883FE-1DE7-4647-AB3F-CC614D0D1BCE}C:\program files (x86)\netgear\netgear powerline utility\namepipeserver.exe] => (Allow) C:\program files (x86)\netgear\netgear powerline utility\namepipeserver.exe
FirewallRules: [UDP Query User{43964E8F-4E80-426D-A03B-B027ADA07193}C:\program files (x86)\netgear\netgear powerline utility\namepipeserver.exe] => (Allow) C:\program files (x86)\netgear\netgear powerline utility\namepipeserver.exe
FirewallRules: [{85EEB40F-87B1-4E2C-BE65-FF46E1E96359}] => (Allow) C:\Program Files (x86)\NETGEAR\USB Media Extender\Control Center.exe
FirewallRules: [{5A69410F-94CE-4A98-B9A9-5520C598DECE}] => (Allow) C:\Program Files (x86)\NETGEAR\USB Media Extender\Control Center.exe
FirewallRules: [{A37CA65D-E391-4E7C-B7F2-AA1616B3C220}] => (Allow) LPort=7423
FirewallRules: [TCP Query User{1DE2F863-C392-43BF-8DB8-77CEC9E588E1}C:\program files (x86)\netgear\usb media extender\control center.exe] => (Allow) C:\program files (x86)\netgear\usb media extender\control center.exe
FirewallRules: [UDP Query User{7B49CC51-7112-4674-B482-AD99D8E9929D}C:\program files (x86)\netgear\usb media extender\control center.exe] => (Allow) C:\program files (x86)\netgear\usb media extender\control center.exe
FirewallRules: [{435E377B-2111-4A5E-8FDB-C415E3C62290}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D30E6E9E-54FC-4B72-8D94-8E293F34C409}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{0CBA0D94-61A8-411A-8370-42C359239AD3}] => (Allow) C:\Users\benjamka\AppData\Local\Apps\2.0\422DB9VB.QPA\KCW72ZC9.DW9\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{C6678117-7A35-4AE5-A677-8433A92E88A2}] => (Allow) C:\Users\benjamka\AppData\Local\Apps\2.0\422DB9VB.QPA\KCW72ZC9.DW9\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [TCP Query User{8D8DCD9C-5994-4CBC-90D2-FDD63A2A4A80}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{B27ED4E2-B59D-486A-8526-719F80E23CAC}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{8AA0389B-D88D-4258-BB47-869BBFF7F547}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{7CB416AF-ECBC-4AC7-99ED-F6369D7FE7DD}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{ED0A0AE5-9288-4F8C-90C2-58E91CC48307}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A70AB663-1A21-41F4-A0EF-6408C418ED3C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2AE23FEB-2DB7-49EB-ADBC-06026A976947}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{20843831-991E-4452-B606-916DF6A2C163}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{D614FBCD-8932-4A15-AFD6-145F2D7F5622}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{C7087D5D-CFDC-42AF-8B42-9123E6A48EE1}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{4FDC107C-92E7-481D-ADA7-4E9688AC5B3D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2A802569-8847-4BAD-B985-A1259E64E879}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{6798A8E8-1689-49AC-A3CB-45C5A2B4D8DF}C:\program files (x86)\xmind\xmind.exe] => (Block) C:\program files (x86)\xmind\xmind.exe
FirewallRules: [UDP Query User{42E56A99-7257-4A61-9409-735A688E1E5D}C:\program files (x86)\xmind\xmind.exe] => (Block) C:\program files (x86)\xmind\xmind.exe
FirewallRules: [{086C1F9A-EAF8-433A-9EB6-38835A5D6F9B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B39F605D-7624-4FC1-96E0-56CFF1B7A75A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{42024F60-7C4C-49F5-9100-53A5BD952780}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{63C4A8D5-AE82-4CED-AF04-D1CE54DEEA4E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{9343847B-823D-406E-8EF0-DDA067BABE4C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{703F3735-EB12-4AE9-91C5-861A603A739C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{3D4E75DF-1E7F-4FF5-B7AF-58EA8A4FF3BC}C:\program files (x86)\xmind\xmind.exe] => (Allow) C:\program files (x86)\xmind\xmind.exe
FirewallRules: [UDP Query User{730F680A-9F93-496B-BBDD-45DCC5B737D8}C:\program files (x86)\xmind\xmind.exe] => (Allow) C:\program files (x86)\xmind\xmind.exe
FirewallRules: [{F108CA64-DB8D-461D-A2F1-F046D0E34A4E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{01665006-C410-4A51-825C-8EE9584EEF2E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{6E21E433-8E73-4352-9706-8038C7C56DE0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{A755771B-BB5C-4B92-A3C0-1961F9297838}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{0224646B-7B76-447A-90B1-FA9BD06733F3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{B27425B9-2E2A-4DC5-986A-62190D84B0A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{C42DF63F-84E3-48BC-A5F8-1BCF05462D8E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{B4C011C8-3310-4180-A289-BB6EC225906F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{E01EFA1A-E680-47EC-B4A4-42E8843BFBAF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{AC0BC2B0-49C4-4F97-B52B-DBDBCEA42266}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{3B8611BD-2B58-4688-BC26-894590614A06}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{D3C91DD3-D003-44E7-8CD2-F784E934685A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{8EDA2C51-9765-42B4-A010-35A7DE6AEA20}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{92404291-EDF3-4B0D-9FC8-C6C00487F9AA}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{45C1BA4C-B108-4C7A-AA32-343A321A483E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2C4083D5-3893-4DE7-883E-2CA61B6A02CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Officejet 4500 G510n-z
Description: Officejet 4500 G510n-z
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: TeamViewer VPN Adapter
Description: TeamViewer VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TeamViewer GmbH
Service: teamviewervpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Officejet 4500 G510n-z
Description: Officejet 4500 G510n-z
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/25/2016 06:21:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1326

Error: (01/25/2016 06:21:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1326

Error: (01/25/2016 06:21:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/25/2016 04:28:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2016 04:23:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2016 12:22:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2016 02:34:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4602

Error: (01/25/2016 02:34:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4602

Error: (01/25/2016 02:34:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/25/2016 02:34:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3432


Systemfehler:
=============
Error: (01/25/2016 04:27:15 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SBRE

Error: (01/25/2016 04:27:09 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/25/2016 04:24:22 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (01/25/2016 04:23:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SBRE

Error: (01/25/2016 12:22:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SBRE

Error: (01/25/2016 12:43:54 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/24/2016 11:00:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SBRE

Error: (01/24/2016 03:39:05 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SBRE

Error: (01/24/2016 03:09:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SBRE

Error: (01/23/2016 03:32:34 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SBRE


CodeIntegrity:
===================================
  Date: 2013-11-30 00:45:47.691
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\NetgearUDSMBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-30 00:45:47.629
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\NetgearUDSMBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-30 00:45:47.520
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\NetgearUDSMBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-30 00:45:47.457
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\NetgearUDSMBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-29 23:58:18.780
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\NetgearUDSMBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-29 23:58:18.702
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\NetgearUDSMBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-29 23:58:18.624
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\NetgearUDSMBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-29 23:58:18.562
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\NetgearUDSMBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 8165.43 MB
Verfügbarer physikalischer RAM: 4730.24 MB
Summe virtueller Speicher: 11192.48 MB
Verfügbarer virtueller Speicher: 7608.12 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:103.23 GB) (Free:2.95 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: () (Removable) (Total:29.02 GB) (Free:22.25 GB) FAT32
Drive k: (Bunker) (Fixed) (Total:931.51 GB) (Free:137.68 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 119.2 GB) (Disk ID: 749600A5)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=103.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.5 GB) - (Type=17)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: FEB4A2EE)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 29 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Alt 25.01.2016, 22:10   #27
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden - Standard

Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden



FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
Task: {3BC1310F-6262-42B9-AB22-8764714495F3} - \Lyrics Seeker Update -> Keine Datei <==== ACHTUNG
HKLM\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 26.01.2016, 05:45   #28
Bene25
 
Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden - Standard

Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden



Done.

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-01-2016
durchgeführt von benjamka (2016-01-26 05:40:25) Run:1
Gestartet von C:\Users\benjamka\Downloads
Geladene Profile: benjamka (Verfügbare Profile: benjamka & BBK 64 & Hombre & Gast)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Task: {3BC1310F-6262-42B9-AB22-8764714495F3} - \Lyrics Seeker Update -> Keine Datei <==== ACHTUNG
HKLM\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
emptytemp:
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3BC1310F-6262-42B9-AB22-8764714495F3}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BC1310F-6262-42B9-AB22-8764714495F3}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lyrics Seeker Update => Schlüssel nicht gefunden. 
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
EmptyTemp: => 1.2 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 05:40:47 ====
         

Alt 26.01.2016, 09:02   #29
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden - Standard

Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden



Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 26.01.2016, 12:29   #30
Bene25
 
Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden - Standard

Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden



Geschafft.

Hier das Log von ADWCLeaner:
Code:
ATTFilter
# AdwCleaner v5.031 - Bericht erstellt am 26/01/2016 um 12:08:26
# Aktualisiert am 25/01/2016 von Xplode
# Datenbank : 2016-01-25.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : benjamka - BBKLAPTOP
# Gestartet von : C:\Users\benjamka\Desktop\adwcleaner_5.031.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****

[-] Datei Gelöscht : C:\searchplugins\bing-lavasoft.xml
[-] Datei Gelöscht : C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\2sdewnmb.Bene\searchplugins\bing-lavasoft.xml
[-] Datei Gelöscht : C:\windows\SysWOW64\lavasofttcpservice.dll

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

[-] [C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\2sdewnmb.Bene\prefs.js] [Preference] Gelöscht : user_pref("browser.newtab.url", "hxxp://www.bing.com/?pc=COSP&ptag=D011916-AD42D1DB7E9&form=CONMHP&conlogo=CT3334497");

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1312 Bytes] ##########
         
Hier das Log von JRT:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 7 Home Premium x64 
Ran by benjamka (Administrator) on 26.01.2016 at 12:14:26,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 9 

Successfully deleted: C:\Users\benjamka\AppData\Local\{4B03B0CB-C65A-461D-A38F-B90BA0EFC948} (Empty Folder)
Successfully deleted: C:\Users\benjamka\AppData\Local\{79E17A30-7A77-4D3F-857E-AA359A3E195A} (Empty Folder)
Successfully deleted: C:\Users\benjamka\AppData\Local\{7D02B031-6CBD-4AB0-BDB7-EB65182D8C41} (Empty Folder)
Successfully deleted: C:\Users\benjamka\AppData\Roaming\pdfforge (Folder) 
Successfully deleted: C:\windows\wininit.ini (File) 
Successfully deleted: C:\Users\benjamka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\14N1UE2G (Folder) 
Successfully deleted: C:\Users\benjamka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2BIU8LLU (Folder) 
Successfully deleted: C:\Users\benjamka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FW6CMDGN (Folder) 
Successfully deleted: C:\Users\benjamka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IOQ7OUGS (Folder) 



Registry: 2 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{61A6F76C-F0EE-4F58-A7A4-EA3E809AAAE4} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.01.2016 at 12:16:57,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
...und nochmal von FRST:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
durchgeführt von benjamka (Administrator) auf BBKLAPTOP (26-01-2016 12:20:51)
Gestartet von C:\Users\benjamka\Downloads
Geladene Profile: benjamka (Verfügbare Profile: benjamka & BBK 64 & Hombre & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\NETGEAR\USB Media Extender\SetQos.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Second Copy 8\SCVSSSvc.exe
() C:\Program Files (x86)\Synology Data Replicator  3\SynoDrServicex64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [TDLPowerCtrl] => C:\Program Files\TOSHIBA\TOSHIBA Intelligent Display Management\TDLPowerCtrl.exe [498120 2011-01-24] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-19] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [328048 2011-01-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [967544 2011-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2475384 2011-01-17] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [TNRotate] => C:\Program Files (x86)\TOSHIBA\TNRotate\TNRotate.exe [607688 2010-11-25] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-05] (TOSHIBA)
HKLM-x32\...\Run: [TSUScheduler] => C:\Program Files (x86)\TOSHIBA\Sync Utility\TosSyncScheduler.exe [923000 2010-05-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [Netgear UDS Control Center] => C:\Program Files (x86)\NETGEAR\USB Media Extender\Control Center.exe [22641664 2012-06-25] ()
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217632 2015-07-21] (Geek Software GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Run: [Dropbox Update] => C:\Users\benjamka\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1890830 2015-12-03] ()
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
ShellIconOverlayIdentifiers: [  OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll [2015-01-07] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll [2015-01-07] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll [2015-01-07] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll [2015-01-07] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\benjamka\AppData\Local\CloudStation\app\icon-overlay\10\x64\iconOverlay.dll [2015-01-07] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjamka\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2012-02-02]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2015-11-06]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-08-09]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2013-12-29]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\Users\BBK 64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-13]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\benjamka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\benjamka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\benjamka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2012-02-19]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office 2007\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-13]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-13]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-13]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Hombre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-13]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6F3EF3E1-6473-4698-9280-C471DE069571}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{EF8C008F-760B-40DB-AA0D-C662DC07F9EF}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-50433080-710429258-2441499552-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-50433080-710429258-2441499552-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-50433080-710429258-2441499552-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/places?touch=4&cat=1
HKU\S-1-5-21-50433080-710429258-2441499552-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {61A6F76C-F0EE-4F58-A7A4-EA3E809AAAE4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM -> {61A6F76C-F0EE-4F58-A7A4-EA3E809AAAE4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {61A6F76C-F0EE-4F58-A7A4-EA3E809AAAE4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-50433080-710429258-2441499552-1000 -> DefaultScope {61A6F76C-F0EE-4F58-A7A4-EA3E809AAAE4} URL = 
SearchScopes: HKU\S-1-5-21-50433080-710429258-2441499552-1000 -> {29AA9FFF-B981-40A6-8F74-F02CAD29809D} URL = hxxp://rover.ebay.com/rover/1/707-44556-9400-9/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-50433080-710429258-2441499552-1000 -> {895F93D1-22C5-4CCF-8735-43F9FF5FBF91} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibade-win7-ie-search-21&index=blended&linkCode=ur2
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-28] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-28] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05] (<TOSHIBA>)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} 
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\2sdewnmb.Bene
FF SelectedSearchEngine: Bing®
FF Homepage: www.google.de
FF Session Restore: -> ist aktiviert.
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_31\bin\new_plugin\npjp2.dll [Keine Datei]
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-04-05] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\104o7vav.default\searchplugins\google-deutschland.xml [2015-09-03]
FF SearchPlugin: C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\104o7vav.default\searchplugins\ixquick-https---deutsch.xml [2015-10-05]
FF Extension: Lavasoft Search Plugin - C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\104o7vav.default\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack [2013-01-15] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\104o7vav.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
FF Extension: BetterPrivacy - C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\104o7vav.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-09-17]
FF Extension: Session Manager - C:\Users\benjamka\AppData\Roaming\Mozilla\Firefox\Profiles\2sdewnmb.Bene\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2016-01-16]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-01-07] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012-12-10] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-08-09] [ist nicht signiert]
FF HKU\S-1-5-21-50433080-710429258-2441499552-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HKU\S-1-5-21-50433080-710429258-2441499552-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NuSetQos; C:\Program Files (x86)\NETGEAR\USB Media Extender\\setqos.exe [718848 2012-06-15] () [Datei ist nicht signiert]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2015-03-03] ()
R2 SCVSSService; C:\Program Files (x86)\Second Copy 8\SCVSSSvc.exe [968448 2010-04-13] ()
R2 SynoDrService; C:\Program Files (x86)\Synology Data Replicator  3\SynoDrServicex64.exe [384072 2013-10-09] ()
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2013-11-08] (AVM Berlin)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-01-15] (GFI Software)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 NetgearUDSMBus; C:\Windows\SysWow64\Drivers\NetgearUDSMBus.sys [106632 2012-06-15] (Windows (R) Codename Longhorn DDK provider)
R3 NetgearUDSTcpBus; C:\Windows\SysWow64\Drivers\NetgearUDSTcpBus.sys [182920 2012-06-15] (Windows (R) Codename Longhorn DDK provider)
S3 PcaSp50; C:\Windows\System32\Drivers\PcaSp50.sys [45624 2009-08-24] (Printing Communications Assoc., Inc. (PCAUSA))
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [195416 2015-10-08] (IDRIX)
S1 SBRE; \??\C:\windows\system32\drivers\SBREdrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-26 12:16 - 2016-01-26 12:16 - 00001818 _____ C:\Users\benjamka\Desktop\JRT.txt
2016-01-26 12:13 - 2016-01-26 12:13 - 01600184 _____ (Malwarebytes) C:\Users\benjamka\Downloads\JRT.exe
2016-01-26 12:13 - 2016-01-26 12:13 - 01600184 _____ (Malwarebytes) C:\Users\benjamka\Desktop\JRT.exe
2016-01-26 12:10 - 2016-01-26 12:10 - 00000000 ____H C:\ProgramData\cm-lock
2016-01-26 11:57 - 2016-01-26 11:57 - 01507840 _____ C:\Users\benjamka\Desktop\adwcleaner_5.031.exe
2016-01-26 05:40 - 2016-01-26 05:40 - 00001345 _____ C:\Users\benjamka\Downloads\Fixlog.txt
2016-01-26 05:38 - 2016-01-26 05:38 - 00000217 _____ C:\Users\benjamka\Desktop\Fixlist.txt
2016-01-25 20:54 - 2016-01-25 20:56 - 00075749 _____ C:\Users\benjamka\Downloads\Addition.txt
2016-01-25 14:08 - 2016-01-26 05:34 - 00000000 ____D C:\Logsinf
2016-01-22 14:08 - 2016-01-26 12:20 - 00030241 _____ C:\Users\benjamka\Downloads\FRST.txt
2016-01-22 14:08 - 2016-01-22 14:08 - 02370560 _____ (Farbar) C:\Users\benjamka\Downloads\FRST64.exe
2016-01-20 14:08 - 2016-01-20 14:08 - 00003273 _____ C:\Users\benjamka\AppData\Local\recently-used.xbel
2016-01-19 21:03 - 2016-01-26 12:08 - 00000000 ____D C:\searchplugins
2016-01-19 21:02 - 2016-01-20 09:21 - 00002896 _____ C:\windows\SysWOW64\LavasoftTcpServiceOff.ini
2016-01-19 21:02 - 2016-01-20 09:21 - 00002896 _____ C:\windows\system32\LavasoftTcpServiceOff.ini
2016-01-19 21:02 - 2016-01-19 21:02 - 00425744 _____ (Lavasoft Limited) C:\windows\system32\LavasoftTcpService64.dll
2016-01-19 21:02 - 2016-01-19 21:02 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\MPC-HC
2016-01-19 21:01 - 2016-01-19 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-01-19 21:01 - 2016-01-19 21:01 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2016-01-19 21:01 - 2015-12-18 11:00 - 00755200 _____ C:\windows\system32\xvidcore.dll
2016-01-19 21:01 - 2015-12-18 11:00 - 00674816 _____ C:\windows\SysWOW64\xvidcore.dll
2016-01-19 21:01 - 2015-12-18 11:00 - 00309248 _____ C:\windows\system32\xvidvfw.dll
2016-01-19 21:01 - 2015-12-18 11:00 - 00282112 _____ C:\windows\SysWOW64\xvidvfw.dll
2016-01-19 21:01 - 2015-10-24 18:00 - 00126976 _____ C:\windows\system32\ff_vfw.dll
2016-01-19 21:01 - 2015-10-24 18:00 - 00112128 _____ C:\windows\SysWOW64\ff_vfw.dll
2016-01-19 21:01 - 2015-02-28 17:22 - 03571200 _____ (x264vfw project) C:\windows\system32\x264vfw64.dll
2016-01-19 21:01 - 2015-02-28 17:21 - 03591680 _____ (x264vfw project) C:\windows\SysWOW64\x264vfw.dll
2016-01-19 21:01 - 2012-07-21 12:55 - 00180736 _____ (fccHandler) C:\windows\system32\ac3acm.acm
2016-01-19 21:01 - 2012-07-21 12:54 - 00122880 _____ (fccHandler) C:\windows\SysWOW64\ac3acm.acm
2016-01-19 21:01 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\windows\system32\lagarith.dll
2016-01-19 21:01 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\windows\SysWOW64\lagarith.dll
2016-01-19 20:57 - 2016-01-19 20:57 - 42013590 _____ ( ) C:\Users\benjamka\Downloads\K-Lite_Codec_Pack_1180_Mega.exe
2016-01-19 03:01 - 2016-01-19 03:01 - 00000000 ____D C:\Users\benjamka\AppData\Local\NokiaAccount
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p23].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p22].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p21].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p20].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p19].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p18].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p17].bmp
2016-01-16 19:14 - 2016-01-16 19:15 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p16].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p15].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p14].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p13].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p12].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p11].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p10].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p09].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p08].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p07].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p06].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p05].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p04].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p03].bmp
2016-01-16 19:13 - 2016-01-16 19:14 - 02529622 _____ C:\Users\benjamka\AppData\Local\[j0002]-[p02].bmp
2016-01-14 13:28 - 2016-01-14 13:52 - 00000000 ____D C:\Users\benjamka\Documents\MyScans
2016-01-14 13:26 - 2016-01-14 13:29 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\Foxit Scanner Images
2016-01-13 09:42 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-01-13 09:42 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2016-01-13 09:42 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVENCOD.DLL
2016-01-13 09:42 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
2016-01-13 09:42 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOE.DLL
2016-01-13 09:42 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpmde.dll
2016-01-13 09:42 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 09:42 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
2016-01-13 09:42 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2016-01-13 09:42 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2adec.dll
2016-01-13 09:42 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-13 09:42 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2016-01-13 09:42 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\windows\SysWOW64\COLORCNV.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\windows\system32\WMVENCOD.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\windows\system32\WMADMOE.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\windows\system32\mcmde.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2016-01-13 09:42 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2016-01-13 09:42 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\COLORCNV.DLL
2016-01-13 09:42 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2016-01-13 09:42 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2016-01-13 09:42 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
2016-01-13 09:42 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
2016-01-13 09:42 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
2016-01-13 09:42 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\fixmapi.exe
2016-01-13 09:41 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-01-13 09:41 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-01-13 09:41 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-01-13 09:41 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-01-13 09:41 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-01-13 09:41 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-01-13 09:41 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-01-13 09:41 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-01-13 09:41 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-01-13 09:41 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-01-13 09:41 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-01-13 09:41 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-01-13 09:41 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-01-13 09:41 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-01-13 09:41 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-01-13 09:41 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-01-13 09:41 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-01-13 09:41 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-01-13 09:41 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-01-13 09:41 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-01-13 09:41 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-01-13 09:41 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-01-13 09:41 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-01-13 09:41 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-01-13 09:41 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-01-13 09:41 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-01-13 09:41 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-01-13 09:41 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-01-13 09:41 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-01-13 09:41 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-01-13 09:41 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-01-13 09:41 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-01-13 09:41 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-01-13 09:41 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-01-13 09:41 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-01-13 09:41 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-01-13 09:41 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-01-13 09:41 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-01-13 09:41 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-01-13 09:41 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-01-13 09:41 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-01-13 09:41 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-01-13 09:41 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-01-13 09:41 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-01-13 09:41 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-01-13 09:41 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-01-13 09:41 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-01-13 09:41 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-13 09:41 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-01-13 09:41 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-01-13 09:41 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-01-13 09:41 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-01-13 09:41 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-01-13 09:41 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-01-13 09:41 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-01-13 09:41 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-01-13 09:41 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-01-13 09:41 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-01-13 09:41 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-01-13 09:41 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-01-13 09:41 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-01-13 09:41 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-01-13 09:41 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-01-13 09:41 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-01-13 09:41 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2016-01-13 09:41 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 09:41 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVXENCD.DLL
2016-01-13 09:41 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSENCD.DLL
2016-01-13 09:41 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\VIDRESZR.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP4SDECD.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MPG4DECD.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP43DECD.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\qasf.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
2016-01-13 09:41 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP3DMOD.DLL
2016-01-13 09:41 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\devenum.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfvdsp.dll
2016-01-13 09:41 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2016-01-13 09:41 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2016-01-13 09:41 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksuser.dll
2016-01-13 09:41 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOE.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\windows\system32\WMVXENCD.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\MFWMAAEC.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\WMVSENCD.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\SysFxUI.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\windows\system32\VIDRESZR.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\RESAMPLEDMO.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\windows\system32\MPG4DECD.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\windows\system32\MP43DECD.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\MP3DMOD.DLL
2016-01-13 09:41 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\mfvdsp.dll
2016-01-13 09:41 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2016-01-13 09:41 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\ksuser.dll
2016-01-13 09:41 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2016-01-13 09:41 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2016-01-13 09:41 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2016-01-13 09:41 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2016-01-13 09:41 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2016-01-13 09:41 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys
2016-01-13 09:41 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-01-13 09:40 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-01-13 09:40 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-01-13 09:40 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-01-13 09:40 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-01-13 09:40 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-01-13 09:40 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-01-13 09:40 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-01-13 09:40 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-01-13 09:40 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-01-13 09:40 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-01-13 09:40 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-01-13 09:40 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-01-13 09:40 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-01-13 09:40 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-01-13 09:40 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-01-13 09:40 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-01-13 09:40 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-01-13 09:40 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-01-13 09:40 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-01-13 09:40 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-01-13 09:40 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-01-13 09:40 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-01-13 09:40 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-01-13 09:40 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-01-13 09:40 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-01-13 09:40 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-01-13 09:40 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-01-13 09:40 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-01-13 09:40 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-01-13 09:40 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-01-13 09:40 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-01-13 09:40 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-01-13 09:40 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-01-13 09:40 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-01-13 09:40 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-01-13 09:40 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-01-13 09:40 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-01-13 09:40 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-01-13 09:40 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-01-13 09:40 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-01-13 09:40 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-01-13 09:40 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-01-13 09:40 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-01-13 09:40 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-01-13 09:40 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-01-13 09:40 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-01-13 09:40 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-01-13 09:40 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 09:40 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-13 09:40 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-01-13 09:40 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-01-13 09:40 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-01-13 09:40 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-01-13 09:40 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-01-13 09:40 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-01-13 09:40 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-01-13 09:40 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-01-13 09:40 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-01-13 09:40 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-01-13 09:40 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-01-12 16:49 - 2016-01-19 21:02 - 00000000 ____D C:\Users\benjamka\AppData\Local\CrashDumps
2016-01-12 04:13 - 2016-01-12 04:13 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\JAM Software
2016-01-12 04:13 - 2016-01-12 04:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2016-01-12 04:13 - 2016-01-12 04:13 - 00000000 ____D C:\Program Files (x86)\JAM Software
2016-01-09 23:19 - 2016-01-09 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2016-01-09 23:16 - 2016-01-10 02:24 - 00000000 ____D C:\xampp
2016-01-09 23:04 - 2016-01-11 02:37 - 00000106 _____ C:\Users\benjamka\Documents\urls.txt
2016-01-09 01:20 - 2016-01-09 01:20 - 00273025 _____ C:\Users\benjamka\Documents\Logo2.xcf
2016-01-08 22:22 - 2016-01-08 22:22 - 00003971 _____ C:\Users\benjamka\Documents\wp-config.php
2016-01-07 11:04 - 2016-01-09 23:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-02 12:05 - 2016-01-02 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-27 20:21 - 2009-06-10 22:00 - 00000824 _____ C:\windows\system32\Drivers\etc\hosts.20151227-202141.backup

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-26 12:20 - 2015-11-13 22:40 - 00000000 ____D C:\FRST
2016-01-26 12:17 - 2009-07-14 05:45 - 00025120 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-26 12:17 - 2009-07-14 05:45 - 00025120 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-26 12:14 - 2011-02-11 09:21 - 00699682 _____ C:\windows\system32\perfh007.dat
2016-01-26 12:14 - 2011-02-11 09:21 - 00149790 _____ C:\windows\system32\perfc007.dat
2016-01-26 12:14 - 2009-07-14 06:13 - 01620684 _____ C:\windows\system32\PerfStringBackup.INI
2016-01-26 12:14 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2016-01-26 12:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-26 12:10 - 2015-11-14 01:09 - 00000000 ____D C:\Users\benjamka\AppData\Local\ownCloud
2016-01-26 12:10 - 2012-09-11 19:44 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-26 12:10 - 2012-05-20 20:58 - 00000000 ___RD C:\Users\benjamka\Dropbox
2016-01-26 12:10 - 2012-05-20 20:56 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\Dropbox
2016-01-26 12:10 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-01-26 12:08 - 2013-09-04 22:00 - 00000000 ____D C:\AdwCleaner
2016-01-26 11:58 - 2015-06-16 11:48 - 00001236 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-50433080-710429258-2441499552-1000UA.job
2016-01-26 11:52 - 2012-09-11 19:44 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-26 11:50 - 2012-07-30 17:58 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-01-26 05:40 - 2012-10-22 21:45 - 00000000 ____D C:\Users\benjamka\AppData\LocalLow\Temp
2016-01-26 05:32 - 2014-08-28 22:26 - 00000000 ____D C:\Users\benjamka\AppData\Local\Adobe
2016-01-25 16:31 - 2015-12-09 19:11 - 00005688 _____ C:\Users\benjamka\Documents\Spamtexts.txt
2016-01-25 16:27 - 2014-10-30 14:04 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-01-25 16:23 - 2013-08-05 23:35 - 00000000 ____D C:\Program Files (x86)\Avira
2016-01-25 16:22 - 2013-08-05 23:35 - 00000000 ____D C:\ProgramData\Avira
2016-01-25 14:10 - 2015-06-16 11:48 - 00001184 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-50433080-710429258-2441499552-1000Core.job
2016-01-25 14:03 - 2014-08-09 16:15 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-24 23:03 - 2012-01-24 21:09 - 00000000 ___RD C:\Users\benjamka
2016-01-24 19:00 - 2015-12-11 16:43 - 00000000 ____D C:\Users\benjamka\Documents\Golem
2016-01-24 15:33 - 2015-06-04 22:27 - 00000000 ____D C:\Users\benjamka\.gimp-2.8
2016-01-24 08:24 - 2012-01-25 21:14 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\foobar2000
2016-01-23 15:32 - 2009-07-14 06:08 - 00032640 _____ C:\windows\Tasks\SCHEDLGU.TXT
2016-01-22 14:17 - 2015-08-17 23:07 - 00000000 ____D C:\Users\benjamka\Documents\Schrift-Feld
2016-01-22 13:34 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF
2016-01-20 14:22 - 2012-02-01 20:13 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2016-01-20 14:08 - 2015-06-25 11:24 - 00000000 ____D C:\Users\benjamka\AppData\Local\gtk-2.0
2016-01-19 21:02 - 2012-02-02 03:58 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\vlc
2016-01-19 20:50 - 2012-07-30 17:58 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-01-19 20:50 - 2012-03-31 08:40 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-01-19 20:50 - 2012-01-25 10:23 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-19 10:58 - 2012-01-24 21:15 - 00110376 _____ C:\Users\benjamka\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-19 10:56 - 2009-07-14 05:45 - 00501824 _____ C:\windows\system32\FNTCACHE.DAT
2016-01-19 03:14 - 2011-05-15 18:27 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-19 03:01 - 2015-10-13 21:56 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\Nokia Suite
2016-01-19 03:01 - 2015-10-13 21:56 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\Nokia
2016-01-19 03:01 - 2015-10-13 21:18 - 00000000 ____D C:\ProgramData\Nokia
2016-01-19 03:01 - 2015-10-13 21:17 - 00000000 ____D C:\Program Files (x86)\Nokia
2016-01-16 19:28 - 2013-01-22 19:33 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\FileZilla
2016-01-14 17:47 - 2009-07-14 04:20 - 00000000 ____D C:\windows\rescache
2016-01-14 16:09 - 2014-08-14 18:33 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-14 14:08 - 2013-11-22 16:55 - 00000000 ____D C:\Users\benjamka\Documents\Business
2016-01-14 13:19 - 2011-05-15 18:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-01-14 13:18 - 2011-05-15 18:27 - 00000000 ____D C:\ProgramData\Adobe
2016-01-14 13:09 - 2015-11-24 19:27 - 00000000 ___RD C:\Users\benjamka\Documents\Scanned Documents
2016-01-14 11:36 - 2013-03-14 17:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 11:36 - 2013-03-14 17:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 23:30 - 2013-03-14 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 23:30 - 2012-01-25 17:12 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-13 23:16 - 2014-02-14 20:24 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\MyPhoneExplorer
2016-01-13 12:19 - 2015-04-16 18:24 - 00000000 ____D C:\windows\system32\appraiser
2016-01-13 12:19 - 2014-05-06 21:40 - 00000000 ___SD C:\windows\system32\CompatTel
2016-01-13 01:40 - 2015-09-14 20:59 - 00000000 ____D C:\Users\benjamka\Documents\Eigene Scans
2016-01-09 23:08 - 2015-12-26 02:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-01-09 23:08 - 2012-05-12 13:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-08 16:00 - 2014-04-26 14:03 - 00001962 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2016-01-08 16:00 - 2013-01-22 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-01-08 16:00 - 2013-01-22 19:33 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2016-01-05 05:06 - 2012-02-21 22:26 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\Skype
2016-01-03 15:20 - 2015-08-09 13:43 - 00000000 ____D C:\Users\benjamka\AppData\Roaming\HpUpdate
2016-01-02 12:06 - 2011-05-15 18:55 - 00000000 ____D C:\ProgramData\Skype
2016-01-02 12:05 - 2014-03-19 23:14 - 00000000 ____D C:\Users\benjamka\AppData\Local\Skype
2016-01-02 12:05 - 2011-05-15 18:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-27 19:32 - 2013-08-22 20:55 - 00000000 ____D C:\Program Files (x86)\Steam

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-20 14:08 - 2016-01-20 14:08 - 0003273 _____ () C:\Users\benjamka\AppData\Local\recently-used.xbel
2014-02-09 21:36 - 2015-11-08 13:29 - 0007627 _____ () C:\Users\benjamka\AppData\Local\Resmon.ResmonCfg
2016-01-16 19:13 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p02].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p03].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p04].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p05].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p06].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p07].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p08].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p09].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p10].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p11].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p12].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p13].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p14].bmp
2016-01-16 19:14 - 2016-01-16 19:14 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p15].bmp
2016-01-16 19:14 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p16].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p17].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p18].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p19].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p20].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p21].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p22].bmp
2016-01-16 19:15 - 2016-01-16 19:15 - 2529622 _____ () C:\Users\benjamka\AppData\Local\[j0002]-[p23].bmp
2012-12-26 00:20 - 2013-11-22 16:33 - 0000040 ___SH () C:\ProgramData\.zreglib
2016-01-26 12:10 - 2016-01-26 12:10 - 0000000 ____H () C:\ProgramData\cm-lock
2012-02-21 22:28 - 2012-02-21 22:28 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2015-08-03 19:02 - 2015-08-09 14:19 - 0034260 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\benjamka\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-19 13:14

==================== Ende von FRST.txt ============================
         

Antwort

Themen zu Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden
adware, anti-malware, antivir, avira, avira antivir, diskstation, einzige, einzigen, entfern, entfernt, externe, freue, gefunde, malware / spyware etc, malwarebytes, melde, meldet, poste, problems, pup trojaner, pup virus, rechner, scan, spybot, störenfriede, synology, verschiedene, viren, würde, zeichen



Ähnliche Themen: Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden


  1. Viren (APPL/RedCap (Cloud), SPR/Agent.dkb, TR/Drop.Rotbrow.K.1, ADWARE/InstallCore.Gen7 und zweimal ADWARE/BHO.Bprotector.1.4).
    Plagegeister aller Art und deren Bekämpfung - 10.05.2015 (7)
  2. Adware eingefangen! Sämtliche Viren/Adware-Scanner finden nichts.
    Log-Analyse und Auswertung - 23.03.2015 (18)
  3. Virus ADWARE/InstallerCore,AgentCV,Adware gefunden
    Plagegeister aller Art und deren Bekämpfung - 21.02.2015 (11)
  4. Avira hat Maleware gefunden : ADWARE/Adware.Gen
    Log-Analyse und Auswertung - 09.02.2015 (9)
  5. Win7 BProtect und Adware sowie Addlyrics auf dem Laptop gefunden
    Plagegeister aller Art und deren Bekämpfung - 13.12.2014 (13)
  6. Adware.Gen7 - Adware/Cherished.oia - Adware/InstallCore.Gen9 - TR/Trash.Gen bei Antivir gefunden
    Plagegeister aller Art und deren Bekämpfung - 03.12.2014 (13)
  7. Adware/Adware.gen von Antivir gefunden - Forsetzung-Thread wegen Noscript und WOT
    Plagegeister aller Art und deren Bekämpfung - 26.10.2014 (16)
  8. Windows 7: ADWARE/CrossRider.Gen4, ADWARE/EoRezo.Gen4 und ADWARE/MPlug 6.14 durch AntiVir gefunden
    Log-Analyse und Auswertung - 22.10.2014 (4)
  9. eBay-Fake eMail mit ZIP Anhang gespeichert, Windows 7- Avira: Enthält Erkennungsmuster der Adware ADWARE/Adware.Gen
    Log-Analyse und Auswertung - 29.08.2014 (17)
  10. Trojaner gefunden TR/Dldr.Agent.314440 und verschiedene Adwares ADWARE/EoRezo.AF, ADWARE/Adware.Gen7, ADWARE/AgentCV.A.2919
    Log-Analyse und Auswertung - 02.05.2014 (19)
  11. ADWARE/Adware.Gen2 8x gefunden: Schadsoftware? Dann ständig Farbfehler usw.
    Plagegeister aller Art und deren Bekämpfung - 08.02.2014 (7)
  12. Win32/Adware.AddLyrics.L
    Plagegeister aller Art und deren Bekämpfung - 09.09.2013 (10)
  13. ADWARE/Adware.Gen7 gefunden Was soll ich machen?
    Plagegeister aller Art und deren Bekämpfung - 02.06.2013 (20)
  14. ADWARE/InstallCore.Gen, ADWARE/Yontoo.Gen und ADWARE/InstallCore.E von AVIRA gefunden
    Plagegeister aller Art und deren Bekämpfung - 16.04.2013 (10)
  15. ADWARE/Adware.Gen2 in C:\$Recycle.Bin\S-1-5-21-3001668521-1564884368-437330382-1001\$RJPCQB1.exe gefunden
    Plagegeister aller Art und deren Bekämpfung - 06.04.2013 (15)
  16. PC von Adware.Agent.ZGen, Adware.ClickPotato, Adware.ShopperReports, Adware.Hotbar, Adwa angegriffen
    Mülltonne - 30.06.2011 (0)
  17. 9 Viren gefunden (Trojaner,Spyware,Adware) - Kriege sie nicht weg!
    Plagegeister aller Art und deren Bekämpfung - 24.03.2008 (9)

Zum Thema Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden - Poste mal bitte nur die Funde. Was unsichtbar ist, ist nicht so relevant... - Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden...
Archiv
Du betrachtest: Adware ADWARE/AddLyrics.Gen... / Mind. sechs Viren gefunden auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.